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0.1. Define SOA. What are its benefits ? 

Ans. A service-oriented architecture (SOA) service exposes a clearly 
defined activity like credit card validation to consuming business applications 
that might need to perform that function (such as an order processing 
application). At the core of the service-oriented architecture philosophy is the 
modularization of business functions for greater flexibility, manageability, and 
reusability. With thoughtful engineering and an enterprise point of view, SOA 
offers positive benefits which are as follow — 


(i) Language-neutral Integration — The foundational contemporary 
Web services standards use extensible markup language, which is focused on 
the creation and consumption of delimited text. Regardless ofthe development 
language used, these systems can offer and invoke services through a common 
mechanism. Programming language neutrality is a key differentiator from past 
integration approaches. 


(ii) Component Reuse — Given current Web service technology, 
once an organization has built a software component and offered it as a service, 
the rest of the organization can then utilize that service. With proper service 
governance, emphasizing topics such as service provider trust, service security, 
and reliability, Web services offer the potential for aiding the more effective 
management of an enterprise portfolio, allowing a capability to be built well 
once and then shared. Multiple components can be combined to offer greater 


capabilities in what is often termed “orchestration”. 


7 (iii) Organizational Agility — SOA defines building blocks of software 
capability in terms of offered services that meet some portion of the 
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organization's requirements. These building blocks, once defined and reliab| 
operated, can be recombined and integr ated rapidly. 

(iv) Leveraging Existing Systems - One common use of SOA is, 
define elements or functions of existing application systems and make them 
available to the enterprise in a standard agreed-upon way, leveraging th 
ent already made in existing applications. The Mos} 
se for SOA is often made regarding leveraging this 
bling integration between new and old systems 
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on object request broken architecture, distributed common object model, 
comm „s communication foundation, Representational state transfer, and other 
Mose and protocols. It is this flexibility and neutrality that makes SOA 
sc weet in designing complex applications. 


Q.3. What are the basic and key features of SOA ? 

Ans. Basic Features — The basic features of SOA are as follows — 
(i) Separate functional entity. 
(ii) Access to large amounts of data under a low frequency. 
(iii) The way to transmit message based on text. 


substantial investm 
compelling business cà 
legacy investment, ena 
components. 
^ at do vou understand by service oriented architecture (SQA ) 
| HOA sepu cloud computing ? Explain. [R.GPV. Dec. 2013 (BE) 
Ans. SOA is a specification and a methodology for providing platfo 
and language-independent services for use in distributed applications, SO 
describes a message-passing taxonomy for a component-based architecture 
that provides services to clients upon demand. Clients access a component 
that complies with SOA by passing a message containing metadata to be acted 
upon in a standard format. The component acts on that message and returns 
a response that the client then uses for its own purpose. Service consumers 
and service providers do not pass message directly to each other, 
Implementations of SOA employ middleware software to play the role o 
transaction manager and translator. This architecture does not contain executable 
links that require access to a specific API. The message presents data to the 
service and the service responds. It is up to the client to determine if the 
service returned an appropriate result. A SOA is then seen as a method for 
creating an integrated process as a set of linked services. The component 
exposes itself as an “endpoint” to the client. 


E Business Processes Execution Language for Web Services 
Processes 


Quality of | | Reliability | | Transactions | | Management | | Management 
Services 
Description Web Services Description Language 


Messaging C sor — ] Other Protocols 


xtensible Mar 


Key Features — The key features of SOA are as follows — 

(i) Providing application development and integrated architecture, 
strategy on the level of thought way, and no longer only focusing on the 
technical level. 

(ii) Providing a model of component that is functional unit what 
can be used. 

(iii) Providing the way to integrate the functional units and make 
them interact with each other. 

(iv) Providing the standardized interfaces, which are independent of 
the operating systems, hardware platforms and programming languages. 


Q.4. Describe the integration between SOA and cloud computing. 


Ans. The core of SOA is the service, which packages all components as 
services. It solves the problem of business requirement in the form of service. 
And the specifications of Web service which is as one of the realizable 
mechanisms of SOA, have many characteristics, such as standard, simple, 
cross-platform, cross-operating system and cross-language. It is generally 
followed by the grid computing, cloud Computing. Thus, cloud computing as 
a new Web service based on the SOA, can easily coexist with other Web 
services, and can interoperate’ with each other. But for users, they just need to 
know what kind of service they need, just need to understand how to access 
services without having to know who is to provide services in the end. 

SOA is a software-oriented structure, allowing enterprises to get more 
than one service (a service that is a function module) from the service provider, 
and then forming a service that they need through a combination of different 
mechanisms. All resources are services in the cloud computing — the enterprises 
can purchase hardware service, platform services, and software services from 


Fig. 1.1 the cloud computing provider, and make the resources they have bought as a 
A protocol stack for an SOA architecture and how those different protocols! service provider. The cloud services offer a number of services which are 


execute the functions required in the SOA is shown in fig. 1.1. In the figure, available to be integrated for the SOA. Since the function provided by a single 
the box labeled other services cloud include Remote procedure calls, Jint} cloud service is often unable to meet the business needs, so we need to integrate 


And Services 


L 
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and combine cloud services to 
solve the specific business 
problems, and SOA services can 
be effectively integrated and 
combined. So it is both necessary 
and possible to integrate the two. 

It can be said that the cloud 
computing integrates lots of 
advantage of the SOA’s 
technologies and ideas. There is 
the possibility of integration 
between cloud computing and 
SOA. We can see form the fig. 
1.2 that there are two ways 


od 


possible to integrate the SOA and Fig. 1.2 The Possible Ways of Integration 
cloud computing — one is SOA between SOA and Cloud Computing 
provide services totally depending on using cloud computing, the other one ig 
SOA provide services partly depending on using cloud computing. It shoul 
be noted that, standards should be made between SOA and Iaas, SaaS an 
PaaS. Only in this way it can be possible to achieve interoperability betwee 
the two, and to achieve the blend between the two. 

The ideal way of integration between SOA and cloud computing i 
seamlessly integrating the SOA into the cloud computing platform and adoptin 
cloud computing to provide services. 


SOA Provides Services Totally 
Depending on using Cloud Computing 


SOA & lanS 


SOA & PaaS 


Unified 
Standard 


SOA & SaaS 


SOA Provides Services Partly 
Depending on using Cloud Computing 


Unified 
Standard 


0.5. Explain the design of cloud computing framework model base 
on the SOA. 

Ans. The emergence of SOA has effectively solved the problem o 
information isolated in land and legacy systems. It has not only achieved th 
integration and sharing of resources, but also met the various needs of th 
business development and made a significant contribution to the reform of th 
enterprise business systems. However, with the continuous development o 
the computer and Internet technology, with the increasing amount of resources 
the traditional approach has been unable to meet the demand. The emergenc 
of cloud computing offers the possibility to solve this problem, the clou 
computing architecture based on SOA cannot only make full use of hardwar 
and software resources existed, but also save costs, be good for maintenance 
which reflects its practical significance. We design the cloud computin 
architecture based on SOA, the architecture includes multiple levels containin 
the applications and hardware systems. An alternative reference architectur 
shown in fig. 1.3, bottom-up can be divided into hardware platform layer 
cloud management layer, SOA structure layer and application service layer. 
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Fig. 1.3 


(i) Hardware Platform Layer — That is, the so-called IaaS in the 
cloud computing, it includes physical and virtual service layer. It is the basic 
layer in the structure of cloud computing. Its main role is providing clients 
with virtualized storage resources, computing resources, network resources, 
and communication resources. And the hardware it provides containing storage 
servers, CPU, computers, and so on. The CPU resources can provide the 
services of data computing and processing for the users, the capacity and 
speed of data processing is much better than the client's computer. The memory 
resources can provide for users far more storage capacities than the client's 
computer cluster can provide distributed computing, greatly improving the 
speed of computing. | 
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(ii) Cloud Management Layer — That is, the so-called PaaS in the 
cloud computing. The function of this layer is that, it has the capability of use; 
management which contains account management, user interaction management, 
cloud resource management which contains resource deployment, performance 
optimization; cloud security management which contains identity authentication, 
access authority management, and cloud data management which contains server 
deployment, database dispatcher management. This layer ensures that the various 

resources can be applied safely and efficiently. 


(iii) SOA Structure Layer — This layer can package the cloud resource 
management, cloud security management, cloud data management, User 
management which come from the cloud management layer into the standard 
Web services, then put them into SOA system for the efficient use and 
management. This layer includes the components of service registration, service 
search, service access, and so on, enabling the system to quickly respond to 
various levels of service (IaaS, PaaS, SaaS). 


(iv) Application Service Layer — That is, the so-called SaaS in the 
cloud. This layer provides for users services which are packaged by the SOA 
structure layer. The end-consumers can customize or get the services they 
need through a specific entrance into the center of cloud computing. Through 
the cloud computing application service layer, end-customers can save a lot o 
overhead used in the application development and improving machine 
performance to use the much better machine performance in the area o 
complex computing or storage work. 

In this model, we can learn to use the idea of SOA to get the cloud computing 
service, the core idea is the interaction between the service requesters and the 
service providers. The main roles include cloud computing service requester, 
cloud computing service providers (covering cloud computing services and basi 
resources) and cloud computing service repository (in the SOA structure layer) 
The service requestor is an application, a software module or another servi 
requiring a service. Service provider is a virtual service in the cloud computin 
environment that accepts and executes requests from users. It publishes the servic 
and interfaces contract to the service repository so that service users can discov 
and access the services, It contacts the basic services and infrastructure resourc 
to complete the demands of the service requester. A service repository is a suppo 
for discovery a service, it contains a repository of available services and allow 
user to find service interfaces that they are interested. 

Q.6. What are Web services ? 


Ans. A Web service is a software component that is independent of 
implementation and platform. It is a standardized way of integrating We 
based applications using the XML, SOAP, WSDL and UDDI open stan 
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er an Internet protocol and it is the hottest buzz-word in computing today. 
EN to Web services, interoperability and integration were major hurdles in 


plication development. Limited integration and interoperability took place 
midst numerous technologies, vendors, obstacles and formats that prevented 
oon of data. Then Web services technology came along and changed all 
that. Web services is a technology for transmitting data over the Internet and 
allowing programmatic access to that data using standard Internet protocols. 
[t is this programmatic interface that allows two applications to be integrated. 
The important part of Web services is that it allows a developer to include 
various functionalities into a program without the need of "reinventing the 
wheel" and without needing to know anything about the business logic or 
complexity of the Web service being used. Web services today are frequently 
just application programming interfaces (API) or Web APIs that can be accessed 
over a network, such as the Internet, and executed on a remote system hosted 
the required services. Web services implementation typically consists of two 
stages — service publish and service consume. In addition, for big Web services 
there is a third stage — service discovery. 
Web services can be classified in two classes, SOAP Web services 
(arbitrary Web services) and Restful Web services. 


ap 


Q.7. What are the components of Web service ? 
Ans. There are following three major components of Web service — 


(i) SOAP - The simple object access protocol (SOAP) is based on 
XML. SOAP is intermediate language so that the applications written in different 
language can talk with each other. That means SOAP is language independent. 
SOAP is also platform independent. SOAP messages can be carried by a variety 
of network protocols; such as HTTP, SMTP, FTP, RMI/IOP, or a proprietary 
messaging protocol. But the simplest way is to use HTTP. SOAP is a light- 
Weight protocol that is used for data interchange between applications. SOAP 
is based on XML and XML is light-weight so SOAP is also light-weight. 


(ii) UDDI — The universal description, discovery and integration 
(UDDI) is a XML based framework for describing, discovering and integrating 


Web services. UDDI is a directory of Web service interfaces described by 
WSDL, containing information about Web services. 


l (iii) WSDL — The Web service description language (WSDL) 
provides a model and a standard in XML format for describing the functionalities 
of the Web services. WSDL describes Web services interface and provide 
users with a point of contact where service resides, what the service can do, 
and how to invoke it. The description also includes details like data type 


definitions, the operations supported by the service, input/output message 
formats, network address, protocol binding. 


; 
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Q.8. Explain the architecture of Web services with suitable block, 


diagram. . E 

Ans. In a Web service architecture a service description covers all the ; 
necessary details to grant the service interaction, including messages's format, prov 
the transport protocols and physical location. This interface hides service 
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Some are common operations used in Web services architecture are — 

(i) Bind- Whena service must be accessed, this operation invokes 
tializes interaction within its caller in runtime, using binding information 
he service description to both locate and contact it. 


and ini 
ded by t 
(ii) Publish — A service must be published in an service registry to 


sed. The service provider thus contacts the service registry to publish 


implementation details, allowing that the same service can be used independently ac acacia 
of the underlying hardware or language, thus making Web services-baseq the service- ; "Jm 
4 c ° B nm LH mE - . 
applications component-oriented making those components available for reus (iii) Discover — A service requestor finds a description of the service 
e bJ 


or queries a service registry for the required service type. A service requestor 
can find a service interface description in both run time or development time. 
Then, the necessary information regarding bindings and locales to invoke a 
service are found and contacted. 


The Web services architecture is shown in fig. 1.4. 


Services Description 
Service 
0.9. Define conceptual layers in Web services. 
Ans. Web services conceptual layers are shown in fig. 1.5. 
(i) Service Publishing and Discovery — These two layers use the 
universal description discovery and integration (UDDI) standard to discovery 


Service and publish information regarding Web services. 


Description 


(ii) Service Description — The description of the service is done 
using the Web services description language (WSDL), which defines the 
interface and interaction mechanisms of the service, further describing additional 
informations such as context, quality of service and service-to-service 
relationship. 


(iii) XML-based Message — This layer uses the SOAP protocol as 


the message exchange technology standard, which stands for exchange of 
information in a distributed, decentralized environment. 


Connect & Utilization 
of Services 


Fig. 1.4 Web Services Architecture 
The three entities of Web services architecture are as follows — 


(i) Service Provider — This is the service’s owner from the business 
perspective. From the architectural approach, this is the platform that i 
accessed in the service request. It is also the entity that creates the We 
service, being responsible to make its description in some standard format a 


publish its details in a central registry. 


(ii) Service Requestor — It is an application that invokes or initializ 


some interaction with the service. It could be a web browser or even a non 


user interface program such as another Web service. By using the servi 
description it is possible to discover and invoke Web services. 


(iv) Network Tier — lt is the base layer that represents protocols 
such as HTTP, FTP, SMTP, POP, etc. This tier is used accordingly to the 
needs of the applications — security, availability, performance and reliability. 


Standard Technology 


(iii) Services Registry — |t is the place where service provide 
publishes their service descriptions. Service requestors search the registrie 
fetching binding and description information both during the development ti 
(static bindings) or run time (dynamic bindings). 

There is the service description whose contents describes interface an 
implementation details, including data structures, operations and network bindin 
informations. Also it contains data to simplify service requestor's searchin 
process. The service is the software deployed through the network by th 
service provider. 


UDDI 
UDDI 
WSDL 
SOAP 
HTTP, FTP, Email 


( Service 


Fig. 1.5 Web Services Conceptual Layers 
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Q.10. What is SOAP ? 

Ans. The simple object access protocol (SOAP) is a messaging protocoj 
that allow applications to communicate using HTTP and XML. It represents a 
fundamentally stateless, one-way message exchange paradigm between nodes 
By combining one-way exchanges with features provided by the underlying 
transport protocol and/or application specific information, SOAP can be used 
to create more complex interactions such as request/response, request/multip]e 
response, etc. 

The process of invoking Web services is very important, therefore the 
SOAP protocol is established to exchange messages between service providers 
and consumers. It is a structured XML message format for exchanging da 
in a distributed environment. It uses an underlying transport protocol (HTTP 
SMTP etc.) through binding. There are two versions of SOAP — SOAP version 
1.1 and SOAP version 1.2. 

There are three main types of SOAP nodes as follows — 


(i) SOAP Sender — Generates and transmits a SOAP message. 
(ii) SOAP Receiver — Receives and processes the SOAP messag 
and it also may generate SOAP response, message or fault as a result, and 


(iii) SOAP Intermediary (Forwarding or Active) — It is both, a SOAP 
receiver and a SOAP sender, It receives and processes the SOAP header bloc 
targeted at it and resends the SOAP message towards an SOAP receiver. 


SOAP 
Service 


Client 


SOAP 
Response 


page el 


Fig. 1.6 SOAP Architecture 

The SOAP message has a structure, which is characterized with tw 
SOAP-specific sub-elements within the overall SOAP Envelope (env:Envelope 
namely a SOAP Header (env:Header) and a SOAP Body (env:Body). 
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SOAP architecture 1s shown in fig. 1.6. 

SOAP client is a program that creates a XML document containing the 
information to invoke remotely a method within a distributed system 
e a WEB or application server). SOAP server is responsible for 
a SOAP message and acts like a interpreter and distributor of 
Mensagem SOAP is the basic communication form between SOAP 
quests to invoke a method on a service, including in parameters 
and SOAP responses from a service method, including return value and out 
meters, errors from a service. 

SOAP is a lightweight independent protocol. It is independent and 
lightwei ght because it does not matter what Os or what platform is the service 
used from — if responds in the same way in any platform or OS. All this is 
possible because of XML and HTTP protocols. 


necessary 
(it could b 
executing 


nodes. SOAP re 


para 


Q.11. What are the types of SOAP messaging request ? Explain. 


There are two types of SOAP messaging requests — remote procedure 


Ans. 
document request. These are as follows — 


call (RPC) and 

(i) Remote Procedure Call — A remote procedure call represents 
execution of a procedure in another remote address, usually on another 
computer in the same network, which is previously coded and it is called as a 
normal procedure local call. Thus, the programmer will only have to develop 
the code once, and it does not matter if the call is performed in local or remote 
circumstances. 

This procedure represents a client-server model interaction, which is 
implemented through a request/response methodology. These requests and 
responses are formatted in XML. Usually, this communication is synchronous, 
which means that when a request is sent, the app is blocked until the response 
is processed and returned. 


Client Machine 
Client Program === --2---2-2---2-2--2-2-222-222-2.— P Client Program 
Call RPC Return Continues 
Function | Invoke Request | Reply 
Services Completed 
y ——— MR 
Call Return 
Services} Services | Answer 
Executes 


Services P ———— 
Server Machine 


Fig. 1.7 RPC 


(ii) Document Requests — While transmitting information from the 
client to server or vice versa through document requests, the XML document 
Is passed in the body of the SOAP message instead of as parameter. 
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For example, a service named PurchascOrder expects a document (XML 
document) as the input message. When the request is sent through SOAp 
message, requesting the PurchaseOrder operation, it must contain a purchase 
order document as input in the SOAP message. The request is processed " 
soon as it reaches the server, and when processing is done, another XML 
document is returned as response, which might contain any kind of information 
related to that purchase. 


Q.12. Explain the working process of SOAP messaging. 


Ans. The SOAP protocol could be potentially used in combination with 
myriad of another protocols, such as HTTP, SMTP, etc. It supports remote 
procedure calls (RPC), and asynchronous messaging style functionality also, 
The SOAP data model offer data type definition to the most used structures 
like string, integer, float, double e date. The process of translating from data 
(parameters and results) to XML is often called codification. 

A SOAP package consists of four parts as follows — 


(i) SOAP Envelope — lt defines a framework that contains the 
message content, who can process that message and the status of obligation 
to process it. It is a SOAP message structure whose syntatic elements of the 
message are encapsulated. 


(ii) SOAP Codification — It defines serialization mechanisms that 
could be used to exchange instances or data types defined by an application, 


(iii) Binding Framework and SOAP Transport — It defines a abstract 
framework to exchange SOAP envelopes between applications using a simple 
transport protocol. 


(iv) RPC SOAP — It specifies how encapsulate remote procedure 
calls and responses inside the message, thus invoking remote procedures. 


A SOAP message is a envelope containing optional headers and a body 
actually containing a message with its parameters or results. The SOAP 
messages are written in XML as follows — 


<env:Envelope xmlns:env-?"» 
<env:Body> 
<m:getLastTradePrice 
env:encodingStyle=” 
http://www.Shivani.org/2001/06/soap-encoding” 
xmins:m=” 
http://www.Shivani.org/2001/06/quotes” 
<symbol>DIS</symbol> 
</m:GetLastTradePrice> 
</env:Body> 


</env:Envelope> 


Fig. 1.8 SOAP Envelope Sample Code 
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envelope presents the structure 
1.9, where we can see the parts 
at composes the envelope. The SOAP block is a 
tha atic construction used to enclosure data that 
ipee logically onc only computational unity. 
Ph is identified by an external element called 
p namespace. The SOAP header is a collection 
d ro or more blocks, whose could be redirected 
e me known SOAP receptor inside the 
ih h. Finally, the SOAP body is a 


age's pat 
message $ pa 
collection of zero or more blocks redirected to 


the last SOAP receptor. 

The message navigate through the SOAP 
s shown in fig. 1.10. Once SOAP does -~ 
not guarantee routing, it knows which SOAP Fig. 1.9 SOAP Envelope 
sender created the message and knows who will Structure | 
be the last receptor of the message through zero or more intermediary 


nodes. 


The SOAP SOAP Envelope 


as shown in fig. 


SOAP Header 


SOAP Block 


SOAP Body 


SOAP Block 


nodes a 


SOAP Receiver SOAP Sender 


Initial SOAP 
Sender 


Intermediate SOAP Nodes 


{ 


ee es 


Fig. 1.10 Message’s Path Through SOAP Nodes 


When a SOAP node receives a message, it must execute a process, 
generate success or fail messages or, if necessary, return additional messages. 

The process of XML message using SOAP is shown in fig. 1.11. The 
application requests a SOAP message and invokes the service operation 
through a Web service provider. The service requestor presents the message 
including the network address of the Web service provider. The network 
infrastructure ships the message to a SOAP server. This SOAP server 
redirects the requested message to the Web service provider. The WEB server 
is responsible to process a request message and then build a response. The 
message is redirected through the SOAP infrastructure. When a XML message 
arrives at the requestor, is converted to a programming language, being 
shipped then to the application. 
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Response 


Requisition 


Fig. 1.11 XML Message using SOAP 


Q.13. What are the advantages and disadvantages of SOAP ? 


Ans. The advantages of SOAP are as follows — 

(i) SOAP is platform independent. 

(ii) SOAP is portable. 

(iii) SOAP is capable of getting past firewalls which are totally 
blocking for other protocols. This is possible due to use of the HTTP 
protocol. 

(iv) It is unlikely that future modifications of SOA infrastructure 
will have any impact on application using the method, as long as no significant 
serialization changes are made to SOAP specification. 

(v) SOAP relies on open instead of vendor-specific technologies 
and thus enables distributed interoperability and loosely coupled applications. 

(vi) SOAP is based on the open standard XML. As a consequence, 

SOAP becomes easily extendable and well supported. 
Disadvantages of SOAP are as follows — 


(i) Operation Interface — Useful information such as operation details 
and data are encapsulated within the services, just exposing only one endpoint 
of API and all operations use the POST method. 


(ii) Interoperability — Since a specific service interface is defined 
for each service, a client must be bound to a specific WSDL. Once the WSDL 
has changed, the client has to follow these changes. 


eee 


(iii) Complexity — It is time-consuming to serialize and deserialize 
native languages into SOAP messages. Furthermore, the WSDL protocol stack 


is also complex so that only programmers can understand how to deploy a 
service. 


(iv) Performance — Much information in the SOAP and WSDL is 
redundant and meaningless, It increases the network communication volume 
and server side payload and it is difficult to support the proxy and cache 
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rs because clients cannot identify the useful information straight forwardly 
rvel: ITT 
R the URI and HTTP. 


Q.14. Explain in detail about the Web services description language 


(WSDL). , T 
Ans. The Web services description language (WSDL) is a XML-based 


„uage to describe services as a collection of accessible operations through 
pie E [t defines interfaces and service interaction mechanisms, binding 
coat network services details. It presents additional descriptions such 
E moi quality of service and service-to-service relationship. By using its 
im it is possible to describe an object in a transparent, implementation- 


independent way. . 
The usage of WSDL also allows a basic service description in two parts 


as shown in fig. 1.12. 


Fig. 1.12 Web Service Description Layer 


This basic definition is separated in both service interface and 
implementation, allowing these parts to be reused separately. 

(i) Service Interface Description Layer — A service interface 
contains a WSDL service definition. This definition allows that a interface can 
be used, instantiated and referenced by multiple service implementation 
definitions. 

Binding directive describes the protocol, data format, security and other 
attributes to a particular service interface. 

port type tag informs the Web service operation elements. 

message tag is used to define data input and output regarding a operation. 

type tag defines the complex data types inside a message. 
„A interface file describes the Web service, including the methods that are 
Invoked, parameters that are sent and codification that is being utilized. 


— 
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(ii) Service Implementation Description Layer — It is a WSDL 
document that describes how a service interface is implemented by a service 
provider. A WEB-based service is modeled as a WSDL element which contains 
a WSDL - port elements collection (associated port and service Searching) 


with a WSDL — binding interface-definition element. 
A implementation file describes where the Web service is installed and 


how it could be accessed. i 
Likewise the interface and implementation definitions, the WSDL specifies 


extensions for protocol bindings and message formats, such as SOAP HTTP 


GET/POST and MIME. 


Q.15. What do you mean by UDDI ? 

Ans. The universal description, discovery and integration (UDDIJ) provides 
a mechanism to register and locate Web service for the client and interact with 
them dynamically. UDDI is defined as "a set of services supporting the 
description and discovery of businesses, organization, and another Web service 
they make available, and the technical interfaces which may be used to access 
those services" by OASIS (The organization for the advancement of structured 
information standards). Two types of clients are related to UDDI registry, one: 
who publishes the service description and another client who need the service 
description (using SOAP). The organizing structure of UDDI encodes three | 
types of information about Web services — The information about the company, 
name and contact details are seen in a white page of UDDI, the information 
related to business and service types are seen in a yellow page of UDDI, and 
another page called Green page of UDDI provides information including 


technical data about the service. 
Q.16. Explain in detail about UDDI with structure. 


Ans. The universal description, discovery and integration "E. 
specification is a common effort to define and create a standard service registry. | 
This registry can be accessed by clients and these can locate all the services | 
that they need. | 

The central component, called UDDI project manipulates a public, global 
registry called UDDI business registry. All the information maintain d the 
public registry are available to general queries. A private registry can add mis | 
controls to provide data integrity and prevent non-authorized acces mai 
way, it only can store private information, contain a subcollection f y that 
public registry, even a combination of both. The information that is m the 
business registry consists of following three components — n uered Dy 

“white pages” containing address, contact and identifiers that are kn 

“yellow pages” containing industrial categorization, and “reen vee 


containing information. 
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The UDDI implementation isa Web service registry server that provides 
a mechanism to publish ang locate services. A UDDI registry server contains 
categorized information about businesses, services that the lasts offers, and 
associations with Web services specifications. These specifications seine 
are also done in WSDL through a UDDI registry. The main information model 
used by UDDI registry is defined through a XML schema, which defines four 
types of information such as, business information, service information, 
bindings information, and service-specific information. 

The information that concludes the registry of a service consists of four 
types of data structures. This division in a information-type fashion offers 
simple partitions to help in the fast search and comprehension of the different 


data that builds the registry. The UDDI structures are shown in fig. 1.13. 


Business Entity — Information 
Regarding the Group which 
Publishes Information about the 


Service 


tModel — Services and 
Taxonomies Specification 


Business Service — Descriptive 
Information about a Particular 
Technical Service 


Binding Template — Technical 
Information Regarding Service's 
Entry-point and Construction's 

Specifications 


Contains tModels 
References. These 
Reference Call the 
Interface's Specification 
Regarding its Service 


Fig. 1.13 UDDI Structure 


(i) The businessEntity — This structure represents all the whole 
information known from an specific business or entity which publishes 
descriptive information about the entity, likewise its supplying services. From 
the XML point of view, the businessEntity is the top-level data structure whose 
information regards description about an business or entity. 

(ii) The businessService — This represents a logical classification 
of the service. The element's name contains the term “business” aiming to 
describe the purpose of this hierarchy level in service description. Thus, each 
businessService structure belongs to an only businessEntity structure. 
—-— (iii) The binding Template E These structures are technical 

criptions of Web services that are stored via individual binding Template 


Publisher Assertion — 
Information about an 

Relationship between Two 
Parts 


p 
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instances, These structures provide support for one access the services 
remotely. The support for technology-specific parameters of the application 
and configuration files are encountered also. Then, it describes how the 
businessService uses various technical information. 


(iv) The tModel — This structure is represented through metadata 
(data about data). The purpose of a (Model inside a UDD I registry 1s to provide 
a reference system. 


(v) The publisherAssertion — Many business are not effectively 
represented by only one businessEntity. As a consequence, many businessEntity 
structures can be published. Even then, they continue to represent an simple 
grouping and could demand that one of its relationships should be visible in 
their UDDI registers. In this matter, two related businesses use publisherAssertion 
messages, as a way to publish declarations on how they relate with each 
other. One or more publishers should agree that the relationship between them 
is valid. Both should publish exactly the same information, rendering their 
relationship visible. 

An UDDI registry, for this matter, runs inside a UDDI server. That registry 
is an WEB application that can be accessed via browser or by an programmable 
API, through SOAP protocol. 


0.17. Write short note on RESTful Web services. 


Ans. A major inspiration for RESTful Web services has been REST. 
This is clearly evident from the name itself. REST stands for “Representational 
State Transfer” and is primarily a style of software architecture for distributed 
hypermedia systems like the World Wide Web. Conforming to the REST 
constraints is termed as being RESTful. The Web is comprised of resources. 
A resource is any item of interest. Clients may access these resources through 
URLs (Uniform Resource Locators). Then a representation of these resources 
is returned, This representation places the client application in a state. REST 
is an architectural style and not standard, but uses several standards like 
HTTP (hypertext Transfer Protocol), URL, XML, MIME (Multipurpose 
Internet Mail Extensions), etc. In fact HTTP forms the very basis of REST 
as most of the resource handling in REST is mapped to the traditional HTTP 

methods like GET, POST, DELETE, etc. The latest generation of Web 
services has been influenced by REST to a very large extent. RESTful Web 
services are gaining a lot of momentum in the industry, especially with Internet 
companies. By using HTTP methods like PUT, GET and DELETE alongside 
POST, these are often better integrated with HTTP and Web browsers than 
SOAP based services. They do not require XML messages or WSDL service- 
API definitions. All of Yahoo’s Web services use REST, including Flickr, 
del.ico.us, etc. 
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g.t 8. Explain the architecture of RESTful Web services. 


Ans. The Web application which follows the REST architecture is called 
gsTful Web service. The architecture of RESTful Web services is shown 
4. REST (Representational state transfer) as the name implies, it has 
h client and server relationship and how state is stored. REST 

hitecture is based on the client/server architecture style. Thus, the requests 
ae responses are built based on the transferring process of the resources. All 
an saré identified by unique uniform resource identifier (URI), which 
E ily represents a document that captures the state of the resource. 
a eral; the REST style architecture is much lighter compared to SOAP. It 
does not require formats like headers to be included in the message, like it is 
required in SOAP architecture. In the other hand it parses JSON - a human 
readable language designed to allow data exchange and making it easier to 
rse and use by the computer. It is estimated to be at around one hundred 


as R 
in fig- 1.1 
to do wit 


ES faster than XML. A simple JSON document is given below — 
( 
* “firstname” : “Usman”, 
“lastneme” : “Saket” 
} 


There are several principles that designing RESTful Web service requires. 
Addressability is a REST principle where the datasets are modeled to operate 
as URI marked resources. Statelessness is another principle that the designer 
of a REST service will have to follow. This means that every transaction must 
be independent and must not be related to any previous transaction, as all the 
data required to perform and process the request are contained on that request, 
thus, the server will not have to maintain client session data. Uniform interface 
requires that an interface is uniform and standard used to access the resources, 
i.e. using fixed set of HTTP methods. If the service designer holds to these 
principles, than it is almost guaranteed that the REST application will be simple 
and lightweight. 

RESTful Web services uses GET, PUT, POST and DELETE http methods 
to retrieve, create, update and delete the resources. 

REST is becoming the go to RESTful Web Services (2006) 
for system interaction which EIE 
includes the usage of RESTful Web 
services mostly the way cloud 
providers expose their services. In 
the present days, we can easily 


conclude that most of the new Fig. 1.14 Architecture of RESTful W 
Projects are based on RESTful Services 


b 


m 
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architecture, in order to create and provide professional services. Large IT 
companies like Facebook, Google or Twitter use REST these days. 


Q.19. Explain HTTP methods for RESTful Web services. 


Ans. The four main HTTP methods that can be mapped to CRUD (create, 
read, update and delete) operations are as follows — 


(i) GET- This method is used to retrieve the requested information 
from the server and is identified by the Request-URL. If the Requesting-URL 
refers to a data-processing process, then the data is returned by the requesting 
entity as the response, unless that text happens to be the output of the process, 
Use GET requests to retrieve resource representation/information only — and 
not to modify it in any way. It is said to be safe method because it does not 
cause any changes to the resources stored. 

For example — HTTP GET http://www.xxyyzzz.com/users/321 


(^ lere O OS) 


GET - List all Orders 
PUT - Unused 

POST - Add a New Order 
DELETE - Unused 


lorders/(id) 


GET - Get Order Details 
PUT - Update Order 
POST - Add Item 
DELETE - Cancel Order 


/customers 


GET - List all Customers 
PUT - Unused 

POST - Add New Customer 
DELETE - Unused 


Interface 
Resource 


GET 
PUT 
POST 
DELETE 


/customer(id) 


GET - Get Customer Details 
PUT - Update Customer 
POST - Unused 

DELETE - Delete Customer 


LCD 


/customer/(id)/orders 


GET - Get all Orders for Customer 
aaa... | PUT - Unused 

POST - Add Order 

DELETE - Cancel all Customer Orders 


Fig. 1.15 HTTP Methods 


(ii) PUT — PUT APIs is primarily used to update existing resource 
(if the resource does not exist, then API may decide to create a new resource 
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If a new resource has been created by the PUT API, the origin server 
|; inform the user agent via the HTTP response code 201 (created) 
d if an existing resource is modified, either the 200 (OK) or 204 


(N Content) response codes should be sent to indicate successful completion 
0 


of the request. 
For example — HTTP PUT http://www.xxyyzzz.com/users/321 


(iii) POST — Use POST APIs to create new resources i.e., the data 
trictly created in the server. Talking strictly in terms of REST; POST 
methods are used to create a new resource into the collection of resources. 
Ideally, if a resource has been created on the origin server, the response 
SHOULD be HTTP response code 201 (Created) and contain an entity which 
describes the status of the request and refers to the new resource, and a 
location header. 

For example — HTTP POST http://www.xxyyzzz.com/users/321 

(iv) DELETE — DELETE APIs are utilized to DELETE assets. 

DELETE activities are idempotent. On the off chance that you DELETE an 
asset, it is expelled from the assortment of assets. Over and again calling 
DELETE API on that asset will not change the result — nevertheless, calling 
DELETE on an asset a subsequent time will restore a 404 (NOT FOUND) 
since it was at that point evacuated. 

For example - HTTP DELETE http://www.xxyyzzz.com/clients/321 


is S 


Q.20. Describe key elements of RESTful Web services. 
Ans. The key elements of a RESTful implementation are as follows — 


(i) Resources — The first key element is the resource. Suppose a 
server containing the data of several employees and the URL of the Web 
application is http://xxx.yyy.com. So in order to access an employee record 
resource via REST, one can use the command http://xxx.yyy.com /shivani/ 
101 - this command displays the data of the Shivani 101 that is stored in the 
Web server and fetches the data from the server in different formats such as 
XML or json. 


(ii) Request Verbs — The request verbs describes what needs to be 
done with the data that is obtained from the server. The browser uses a GET 
request to instruct the system to get or fetch the data from the server. There 
are different other request verbs that can be used other than GET they are 
GET, PUT, POST and DELETE. So in the example http://xxx.yyy.com/shivani/ 


101, the browser is actually using a GET verb because it wants to get the 
details of the employee record. 


(iii) Request Headers — Headers are the different additional 
information that is being sent along with the data this headers also contains the 
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different format in which the data needs to be fetched. The headers algo 
consists of the different authorization and authentication methods used. 


(iv) Request Body — Data is posted with the request. Data is normally 
sent in the request when a POST request is made to the RES r Web service, In 
a POST call, the new data that is sent is added to the server if the data is not 
present in the server before. Therefore, the request body contains the details 
of where the new data needs to be added in the Web server. 

(v) Response Body — Response body is the body or the details of 
the response that we get from the request that is being sent. Therefore, in our 
example, if we were to query the Web server via the http://xxx.yyy.com/ 
shivani/101, the web server might return an XML document with all the details 
of the employee in the response body. 

(vi) Response Status Codes — Response status code are those codes 
that indicates the status of the response from the Web server. There are different 
codes that indicates the status of each response. For example, the code 201 
indicates that the new resource has been created in the Web server without 
error. 


Q.21. Give some advantages and disadvantages of RESTful API. 


Ans. The advantages of RESTful API are as follows — 


(i) REST uses smaller message format and provides cost 
efficiency over time and better performance because of the JSON messages 
which makes the communication and there is no intensive processing 
required. 

(ii) Learning curve is reduced. 

(iii) It supports stateless communication. 

(iv) It is simple to learn and implement. 

(v) Light bandwidth since its passes message in JSON (JavaScript 
Object Notation) format also it can use multiple other formats. 

(vi) Efficiently uses HTTP verbs. 

(vii) For security it uses HTTP standards. 

(viii) REST can be consumed by any client. 

(ix) It makes data available as resource. 
Disadvantages of RESTful API are as follows — 
(i) Compared to SOAP it does not cover all varieties of Web service 
standards like security, transactions etc. 


(ii) REST request (especially GET) are not suitable for large amount 
of data. 


(iii) REST is not reliable. 
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(iv) REST APIs end up depending on headers for state (such as to 
bsequent requests to the same back-end server that handled the previous 


Re : ; 

join or for authentication). Use of headers is clumsy and ties the API to 
updat» 

ip as a transport. 


(v) Latency is request processing times and bandwidth usage. 


0.22. What are the differences between SOAP and REST ? 
Ans. The differences between SOAP and REST are given in table 1.1. 
Table 1.1 Comparison between SOAP and REST 


Changing services in SOAP Web {Changing services in REST Web 
provisioning often means a com- |provisioning not requires any change 
plicated code change on the client [in client side code. 
side. 

SOAP has heavy payload as com- 
pared to REST. 


REST is definitely lightweight as it 
is meant for lightweight data transfer 
over a most commonly known inter- 
face, - the URI. 


REST is a wireless infrastructure 
friendly. 
While REST Web services provide 


flexibility in regards to the type o 
data returned. 


SOAP is not a wireless infrastru- 
cture friendly. 


SOAP Web services always return 
XML data. 


It consumes more bandwidth be- 
cause a SOAP response could re- 
quire more than 10 times as many 
bytes as compared to REST. 


SOAP request uses POST and re- 
quire a complex XML request to 
be created which makes response- 
caching difficult. 

SOAP uses HTTP based APIs refer 
to APIs that are exposed as one or 


It consumes less bandwidth beca- 
use it’s response is lightweight. 


Restful APIs can be consumed using 
simple GET requests, intermediate 
proxy servers/reverse-proxies can 
cache their response very easily. 


REST on the other hand adds an 
element of using standardized URIs, 
more HTTP URIs and typical res- and also giving importance to the 
ponses are in XML/JSON. Respo- |HTTP verb used (i.e. GET/POST/ 
nse schemas are custom per object. |PUT etc. 


0.23. Explain the types of cloud. 
Ans. 


[R.GP.V., Dec. 2016 (BE)] 
Clouds can be classified into following types — 
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(i) Public Clouds - Cloud computing environments that are open 
for public use alternatively for a large industry group. Some public clouds arg 
Google, Amazon and IBM offerings. 

(ii) Private Clouds - The cloud is implemented within the private 
premises of an institution and uses it to provide services to the users of the 
institution or a subset of them. 

(iii) Hybrid (Heterogeneous) Clouds - A computing environment 
which combines multiple clouds where those clouds keep their unique identities, 
but are bound together as a unit. It identifies a private cloud that has been 
augmented with resources or services hosted in a public cloud. 


(iv) Community Clouds — These clouds are particularly intended to 
address the requirements of a particular industry. The cloud is characterized 
by a multi-administrative domain encompassing various deployment models, 


0.24. Explain public clouds in detail. 

Ans. The first expression of cloud computing is formed by public clouds, 
Public clouds are a realization of cloud computing canonical view where the 
services provided are presented to anyone, at any instant and from anywhere 
using the Internet, They are a distributed system from a structural perspective 
and possibly formed by one or more data centers, on top of which the specific 
services provided by the cloud are implemented. Any user can easily sign-in 
with the cloud provider, enter details and utilize the services provided. The 
first class of clouds that were implemented and provided were public clouds, 
Public clouds provide as a feasible option for handling peak loads on the local 
infrastructure and provide solutions for reducing IT infrastructure costs. For 
small enterprises, they have become an interesting alternative, Small enterprises 
are able to begin their business without large upfront investments by entirely 
depending on public infrastructure for their IT requirements. Public clouds 
are used both to extend the IT infrastructure of enterprise on demand and to 
completely replace it. 

Multi-tenancy is a basic feature of public clouds. A public cloud serves as 
a large number of users instead of a single one. It is required by a customer to 
have virtual computing environment that is separated, and possibly isolated, 
from the other users. This is a basic requirement to offer an effective monitoring 

of user activities, the other Quality of Service (QoS) attributes negotiated with 
users, and ensure the required performance. In public clouds, QoS management 
is an important feature. As a result, a considerable portion of the software 
infrastructure is given to monitor the cloud resources, to bill them on the basis 
of the contract done with the user and to keep the complete history of the 
cloud usage for each customer. For public clouds, these features are basic 
since they help providers to provide services to users with full accountability. 
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can provide various type of services like software/applications 
and infrastructure/hardwac. As an example, SalesForce.com is a 
oviding soflware as a service, Google AppEngine is a public 
providing an application development platform as a service and Amazon 
blic cloud providing infrastructure as a service. Finally, we can say 
:« clouds are large hardware and software infrastructure whose 
s sufficient to meet the requirements of multiple users, however, 


ability | er ee 
a from security threats and administrative pitfalls. 


they suffer 
0.25. What are private clouds ? 


Ans, Private clouds offer internal users with dynamic provisioning of 
computing resources. They are virtual distributed system that depend on a 
private infrastructure. Private clouds use other schemes in place of a pay-as- 
you-go model. They keep in-house the core business operations by depending 
on the existing IT infrastructure and decreasing the burden of maintaining it 
once the cloud has been created. Here, sensitive information does not flow out 
of the private infrastructure, therefore, security concerns are less critical. As 
the private cloud can offer services to various types of users, existing IT 
resources can be better utilized. The possibility of testing applications and 
systems at a comparatively lower price is another important aspect that comes 
with private cloud, When it is necessary to keep the processing of information 
within the premises, or it is necessary to use the existing hardware and software 
infrastructure, private clouds are the perfect solution. The major drawback of 
private deployments is the inability to efficiently address peak loads and to 


scale on demand, 


0.26. Explain hybrid cloud with an example. 
[R.GBK,, June 2015 (MCA)] 
Or 
What describes a hybrid cloud ? [R.GPV, Dec. 2014 (MCA)] 


Ans. Hybrid cloud solution can take the benefits of both public and private 
clouds. Hybrid clouds permit maintaining sensitive information within the 
premises, exploiting existing IT infrastructures, and naturally growing and 
shrinking by provisioning external resources and releasing them on demand. 
Now, security concerns are only restricted to the public portion of the cloud, 
that can be used to carry out operations with less stringent constraints but that 
are still part the system workload, A heterogeneous distributed system resulting 
from a private cloud is hybrid cloud. Private cloud combines extra services or 
resources from one or more public clouds. That's why, they are also known 
A heterogeneous clouds. In this scenario, dynamic provisioning is a 
cea component. Hybrid clouds deal with scalability issues by using 

resources for exceeding capacity demand. For the needed amount of 


| 


, 
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time, these resources or services are temporarily leased and thereafter rel Sed 
This practice is also referred to as cloud-bursting. Here, cloud-burst referg lo 
the dynamic provisioning of resources from public clouds. | | 
The concept of hybrid cloud is general, but in most cases it applies to pr 
infrastructure. Within an laas scenario, dynamic provisioning means the ability 
to obtain on demand virtual machines to enhance the capability of the resulting 
distributed system and releasing them. Specifically, in case of private clouds, 
dynamic provisioning provides more complex scheduling algorithms and policies 
whose aim is also to optimize the budget spent to rent public resources, The 
building blocks for deploying and managing hybrid clouds are infrastructure 
management software and PaaS solutions. A schematic diagram of hybriq 


clouds is shown in fig. 1.16. 


Private Cloud 


Dynamic 
Provisioning 


Data Center [es] Desktop Grids 


Fig. 1.16 Hybrid (Heterogeneous) Cloud 
An example of hybrid cloud may consist of an organization deploying 
non-critical software applications in the public cloud, while keeping critical or 
sensitive apps in a private cloud, on the premises. 
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SOFTWARE AS A SERVICE, PLATFORM AS A SERVICE, 
ORGANIZATIONAL SCENARIOS OF CLOUDS, ADMINISTERING 
| AND MONITORING CLOUD SERVICES, BENEFITS AND 


1 
i 
p 
! 


LIMITATIONS, STUDY OF A HYPERVISOR 


Q.27. Describe Software-as-a-Service (SaaS) solution. How it relates to 
cloud computing ? 
Or 
What do you understand by SaaS ? [R.GP.V., June 2016 (BE)] 


Ans. The concept of SaaS is precedent to cloud computing and started to 
circulate at the end of 90s. SaaS is a software delivery model which offers 
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ses (0 applications using the Internet. [t gives a way to free users from 
ex hardware and software management by leaving such tasks to third 

og. who create applications accessible to multiple users by a Web browse 
partie: ‘ystomers do not install anything on their premises, Also, they do s) 


The SaaS model is useful for applications that can be adjusted to specific 
needs with little further customization and serving a variety of users. This 
requirement characterizes SaaS asa one-to-many software delivery model. In 
a one-to-many so ftware delivery model, an application is shared across several 
users. This is the case of Customer Relationship Management (CRM) and 
Enterprise Resource Planning (ERP) applications that form general requirements 
for almost all the businesses. There will be similar requirements for the basic 
characteristics related to CRM and ERP in every enterprise, different 
requirements can be met with further customization. This scenario makes 
easy the development of software platforms offering a set of characteristics 
and supporting specialization and ease of integrations of new components. It 
constitutes the perfect candidate for hosted solutions, because the applications 
provided to the user are the same, and the applications itself give means to the 
users to shape itself on the basis of their requirements. Consequently, SaaS 
applications are naturally multi-tenant, which is a characteristic of SaaS, This 
characteristic enables providers to centralize and sustain the effort of managing 
large hardware infrastructures, optimizing resources by sharing the costs among 
the large user base, and maintaining and upgrading applications transparently 
to the users. Such costs constitute a minimal fraction of the usage fee paid for 
the software on the customer side. 


The SaaS approach resides on top of the cloud computing stack. It fits 
into the cloud computing vision denoted by the acronym Xaas — everything as 
a service, Applications are provided as a service with SaaS. In the beginning, 
the SaaS model was useful only for lead users and early adopters. After cloud 
computing, there has been an increasing acceptance of SaaS as a feasible 
software delivery model. This results in the development of SaaS 2.0, which 


pie not give a new technology but changes the manner in which SaaS is 
used. 


Q-28. Write down the essential characteristics of a SaaS solution. 


Ans, Like other forms of cloud computing, it is important to ensure that 


solutions sold as SaaS in fact comply with generally accepted definitions of 
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9.25. Discus some applications of SaaS solution. 

Am. The most popelar $235 zpplications arc CRM. ERP and social 

networking. The most succetsfal and popular example of CRM service i 

SalesForce com. which builds on top of the Force.com platform 

€alexForze com provides ether a programming language oF 2 visual environmes 

to organize components together for creating applications. It offers a variety 

af services for applications such as customer relationship and human resource 

management, enterprise resource planning. and several other features. Apan 

| from the basic features, the integration with third-party applications improve 

the value of SalesForce. com. Customers can search, publish, and integrate 

new services and features into their existing applications, particularly, through 

AppExchange. AppExchange makes SalesForce. com absolutely extensible and 
customizahle. Similar solutions are provided by RightNow and NetSuite. 

Social networking applications like Orkut, Facebook and professional 

networking such as Linkedin constitute an another important class of Sas§ 

applications. Besides, the basic features of networking, SaaS applications enable 

incorporating and extending their capabilities by integrating third-party 

applications. For the hosting platform, SaaS applications can be developed as 

plug-ins and presented to the users to choose which applications they like to 

add in their profile. Consequently, the integrated applications get full access to 

the nctwork of contacts and the user profile data. 


0.30. Explain Platform-as-a-Service (PaaS) solutions in detail. 


Ans. In the cloud, PaaS solutions offer a development and deployment 
platform for executing applications. PaaS solutions form the middleware on 
top of which applications are made. The main functionality of the middleware 
is application management. PaaS implementations automate the process 0 
deploying applications to the infrastructure, provisioning and configuring 
supporting technologies, configuring applications components, and managing 
system change on the basis of policies defined by the user. They do not expose 
any service for managing the underlying infrastructure and offer applications 
with a runtime environment. Developer's system is designed by them in ter 

of applications and are not related with operating systems, hardware, an 
other low-level services. According to the commitments done with the users, 
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Fig. 1.17 Platform-as-a-Service 


The interface exposed to the user is determined by the certain development 
model decided for applications. Certain implementations offer a fully Web 
based interface hosted in the cloud offering various services. It is possible to 
discover integrated developed environments on the basis of GL and visual 
programming concepts, or rapid prototyping environments in which applications 
are made by assembling mash-ups and user defined components, and 
successively customized. Other implementations of the PaaS model offer a 
programming language based approach and offer a complete object model for 
representing an application. This approach gives more opportunities and 
flexibility, however, generates longer development cycles. Generally, developers 
have the full power of programming languages with some limitations to offer 
better scalability and security. In this situation, the conventional development 
environments are used to design and develop applications, which are then 
deployed on the cloud by employing the APIs exposed by the PaaS provider. 
For better utilizing the services given by the PaaS environment, specific 
components can be provided together with the development libraries. 


IzaS 


: Providers 


Iafrastructure 


0.31, Discuss the classification of PaaS implementations in brief. 
Or 
Discuss the different categories of options available in PaaS market. 
Ans. PaaS solutions simply provide users with the software that is installed 
on the user's premises, or can provide a middleware for developing applications 
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together with the infrastructure. In the former case, the middleware forms the 
core value of the offering. In the latter case, the PaaS provider also has large 
data centers where applications are run. It is also possible to have vendors that 
provide both middleware and infrastructure and provide also only thg 


middleware for private installations. PaaS solutions are classified into thre 
main categories — PaaS-], PaaS-Il, and PaaS-lll. 
PaaS-l category recognizes PaaS implementations that entirely follow the 
cloud computing style for application development and deployment, They 
provide an integrated development environment hosted within the Web browse; 
in which applications are designed, composed, developed and deployed. For 
example, Longjump and Force.com. Both of them provide the combination of 
a middleware and infrastructure as a platform. In PaaS-II category, all solutions 
that emphasize on offering a scalable infrastructure for Web applications are 
listed. Here, the providers APIs are used by the developers to develop 
applications. In PaaS-Il category, the most popular product is Google 
AppEngine. This product offers a expandable runtime on the basis of Java and 
Python programming languages that have been improved with additional APIs 
and components to support scalability and modified for offering a secure 
runtime environment. An open source implementation of Google AppEngine is 
AppScale. Appscale offers an interface compatible middleware that has to be 
installed on a physical infrastructure. A similar approach to Google AppEngine 
is provided by Joyent Smart Platform. Engine Yard and Heroku take different 
approach that offer scalability support for ruby. PaaS-III category comprises 
all solutions that render a cloud programming platform for any sort of 
applications. Microsoft WindowsAzure is the most popular solution among 
these. It offers a framework on top of the .NET technology for building 
service-oriented cloud applications. In this category, other solutions are 
Manjrasoft Aneka, DataSynapse, Apprenda SaaSGrid, GigaSpaces DataGrid 
and Appistry Cloud IQ platform. All these solutions offer only a middleware 
with different services. Table 1.2 shows a platform-as-a-service offering 
classification. 


PaaS-I 


Table 1.2 


Vendors and Products Product Type 


Middleware + Infrastructure 
Middleware + Infrastructure 


Longjump 
Force.com 


PaaS-II Google AppEngine Middleware + Infrastructure 
AppScale Middleware 
Joyent Smart Platform Middleware + Infrastructure 
Engine Yard Middleware + Infrastructure 
Heroku Middleware + Infrastructure 
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Microsoft Windows Azure Middleware + Infrastructure 


Manjrasoft Aneka Middleware 
DataSynapse Middleware 
Apprenda SaaSGrid Middleware 
GigaSpaces DataGrid Middleware 
Appistry Cloud IQ Middleware 


2, Discuss the essential characteristics of a PaaS solution. 
Some essential characteristics of a PaaS solution are as follows — 

(i) Automation — PaaS environment automates the process of 
plications to the infrastructure, and scaling them when required 
by provisioning extra resources. This process is carried out automatically and 


o the SLA created between the customers and the provider. This 
i ffers ways to provision more resources. 


0.3 


Ans. 


paaS solut 
must assist. 
applications 

(iii) Cloud Services — To help architects and developers to simplify 
the creation and delivery of elastic and highly available cloud applications, 
paaS offerings provide them with APIs and services. Among competing PaaS 
solutions, these services are the main differentiators and generally entail certain 
components for developing applications, management, reporting, and advanced 
services for application monitoring. The ability to integrate third-party cloud 
services provided from other vendors by using service-oriented architecture 
is another important component for a PaaS based approach. This opportunity 
makes the applications development able to evolve as required by the customers 
and users, and able to move quickly and easily. 


It means PaaS solutions provide an approach to deploy and Manage 
on the cloud instead of a bunch of virtual machines. 


(iv) Runtime Framework — In PaaS solutions, this is the most 
intuitive characteristics and represents the software stack of the PaaS model. 
The end user code is executed by the runtime framework on the basis of the 
policies defined by the user and the provider. 


Q.33. What does Infrastructure-as-a-Service (IaaS) refer to ? Explain. 


Ans. Infrastructure/Hardware as a service solutions are the most popular. 
They provide customizable infrastructure on demand and build market segment 
of cloud computing. The available alternatives within the IaaS-offering umbrella 
are database, Web servers, load balancers and network devices from single 
Servers to entire infrastructures. Hardware virtualization is the main technology 
used to provide and implement these solutions. In hardware virtualization, one 
ormore virtual machines are suitably configured and interconnected that define 


— 
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the distributed system on top of which applications are installed and deployeg 
Virtual machines also form the atomic components. These components ar, 
deployed and priced depending on the memory, disk storage and number of 
processors. The advantages of hardware virtualization are sandboxing, hardwar, 
tuning, workload partitioning and application isolation. All these advantages of 
hardware virtualization are provided by [aaS/HaaS solutions. laaS/HaaS Solutions 
decreases the administration and maintenance cost, and the capital costs from 
the view point of the customer. It also enables better exploitation of the IT 
infrastructure and offers a more secure environment for executing third-party 
applications from the view point of the service provider. Simultaneously, Users 
can take benefit of the full customization provided by virtualization to deploy 
their infrastructure in the cloud. Virtual machines mostly come with the selected 
OS installed and the system can be configured with all the needed packages 
and applications. Apart from the basic virtual machine management capabilities, 
some other services can be offered. These services are workload management, 
SLA resource based allocation, ability to integrate third party IaaS solutions, 
and support for infrastructure design through advanced Web interfaces. 


0.34. Describe the basic components of an IaaS-based solution. 


Ans. The basic components of an IaaS-based solution are shown in 
fig. 1.18. Here, the physical infrastructure, the infrastructure management 
software and the Web based management interface or user interface are the 
three principal layers. 


Web Based 
Management 
Interface 


Web Services, Portals, REST API 


QoS/SLA Management Pricing/Billing 


VM Pool Management 


Infrastructure 
Management 
Software 


Monitoring 


VM Image Repository 


Desktop/Heterogencous Resources 


Physical 
Infrastructure 


Fig. 1.18 Infrastructure-as-a-Service 


The bottom layer is set up by the physical infrastructure. The management 
layer works on top of the physical infrastructure. The infrastructure can be of 
various types and the use of particular infrastructure relies on the specific use 
of the cloud. A service provider will probably use a large data center that has 
several number of nodes. A cloud infrastructure will depend on a cluste 


v 
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M developed in house, in a small or medium organization or within 
Iso possible at the bottom of the scale to consider a 
environment where various types of resources such as PCs, 
nd workstations can be aggregated. The physical layer also 
S s the virtual resources that are rented from external IaaS providers 
te hitectural point of view. 
tructure management software layer, the main features of an 
tion are implemented. The most prominent function carried out by 


i . 

paS Son is the management of the virtual machines. The scheduler plays a 
js lay 

- tral role, W 


| other tasks. A QoS/SLA management component will maintain a 

itory of all the Service Level Agreements (SLAs) done with the users and 
jon r with the monitoring component is used to make sure that a given 
toge! À chine instance is executed with the required Quality of Service (QoS). 
ane. icinghbilling component takes care of the cost of executing each virtual 
The s instance and stores data that will be used to charge the user. The 
forig component records the execution of each virtual machine instance 
and stores data needed for analyzing and reporting the system performance of 
the system. The reservation component records the detail of all the Virtual 
machine instances that have been executed or that will be executed in the 
future. The VM repository component offers a catalog of virtual machine 
images that are used by the users to produce virtual instances. A VM pool 
manager component maintains track of all the live instances. A provisioning 
component interacts with the scheduler in order to offer a virtual machine 
instance that is external to the local physical infrastructure, if the system 
supports the integration of additional resources related to a third party laaS 
provider. 

At the top layer, the user interface offers access to the services exposed 
by the management layer. Generally, this type of interface depends on Web 2.0 
technologies, which enable either applications or final users to access the 
services exposed by the underlying infrastructure. Web 2.0 applications permit 
developing full-featured management consoles fully hosted in a Web page ora 
browser. Without the human intervention, RESTful APIs and Web services 
enable program to interact with the service. Hence, offering complete integration 
Within a software system. 


0.35. Explain the uses of — 
(i) Infrastructure as a service 
(ii) Platform as a service 


(iii) Software as a service. 
[R.GP.V., Nov. 2018 (MCA)] 
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zon’s elastic compute cloud (EC2) is a i examp 
gramples -A offers the user a virtual server, ar Pp : 
adios system and hypervisor or system monitoring software included. 
«tor ope » Google App Engine — Is an example for a Web platform as 
„opas which enables to deploy and dynamically scale Python and 
ice d Web applications. 
Java pase m Google Apps — Provides Web-based office tools such as e- 
adar, and document management. 
mail, cale (c) Rackspace Cloud — Is a cloud IaaS. It provides users with 


ynamically scalable computing and storage resources, as well as 
lications and tools. 


Ans. (i) Infrastructure as a Service (laaS) — The infrastructure as a 
service layer was based on virtualization technology and provides the basic 
computing infrastructure of servers, processing, storage, networks and other 
fundamental computing resources where the consumer is able to deploy ang 
run arbitrary software, which can include operating systems and applications. 
The consumer does not manage or control the underlying cloud infrastructure 
but has control over operating systems, storage, deployed applications and 
possibly limited control of select networking components. 

The main purpose of IaaS is to avoid purchasing, housing and managing 
the basic hardware and software infrastructure components, and instead obtain 
those resources as virtualized objects controllable via a service interface (which 
reduces hardware costs). 

Customers are allocated computing resources in order to run virtual 
machines consisting of operating systems and applications. 

(ii) Platform as a Service (PaaS) — Platform as a service adds a 
higher level to the cloud infrastructure by providing a platform upon which 
applications can be written or deployed. These service providers offer, in this 
layer, application programming interfaces (APIs) that enable developers to” 


access 10 d 


;rd-partY cloud app 
thir (d) Salesforce.com — Is a cloud SaaS. It provides a full 


management (CRM) application. 
(e) Zoho.com — Is a cloud SaaS. It provides a large suite of 
plications and it is used often by organizations. 

Table 1.3 


relationship 


exploit functionality over the Internet rather than delivering complete Camus | Saas 
applications. It delivers development environments to programmers, analysts Google apps, 

and software engineers as a service. PaaS gives end users control over || Service Office live, 
application design, but does not give them control over the physical || providers G-mail, Facebook 


infrastructure. In this services, customers may interact with the software to 
enter and receive data, perform actions, get results and to the degree that the 
vendor allows it customize the platform involved. 

The main purpose of PaaS is to reduce the cost and complexity of buying, 
housing and managing the underlying hardware and software components of 
the platform, including any needed program and database development tools. 
PaaS gives end users control over application design, but does not give them 
control over the physical infrastructure. 


Runtime By the customers | By the vendor By the vendo 
management 

Data By the customers | By the developer | By the vendor 
management 

Application | By the customers | By the developer | By the vendor 
management 

Used by Business users Developers and System manager 

deployers 
Visibility End users Application Network 
developers architects 

ET Dynamic infra- Integration as a 
|| Services 


Structure service service 
No of 


i Large numbers of | Few cloud 
providers 


application inthe | platforms 
cloud 


Server B 
y the vendor By the vendor 


(iii) Software as a Service (SaaS) — Software as a service provides 
the consumer with typical software applications that run over the cloud 
computing infrastructure. SaaS delivers applications through a web browser 
to thousands of customers rather than installed on their computer. The end 
user does not exercise any control over the design of the application, servers, 
networking, and storage infrastructure. 

The main purpose of SaaS is to reduce the total cost of hardware and 
software development, maintenance and operations, All these services offer 
scalability and multitenancy. In addition, they are self-provisioning and can be 
deployed through public cloud deployment modules. 


Examples of these three modes of cloud computing are given in table 1.3. 


Dynamic 
application services 


Elite group of 
providers 


——— € —M— MM ——— — —— — 
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ity/auditing/network b i 
Q.36. List the advantages and disadvantages of the services on the clo (iv) ale nd y g andwidth and dependency 
[R.GP. KE, Nov. 2018 (Mc S as wit a ) 29 MM . . 
cem : Aer “lock-in”, portability of applicat . 
Ans. The advantages and disadvantages of the services on the cloud p (v) p ee M pp'ications between providers 
as follows — may prove difficu™ 


Advantages of IaaS — 
(i) Quick addition of capacity — elastic to grow and shrink as capa, 
requirements change. 
(ii) Most hardware, network and data center infrastructure ¢ 
are eliminated. 
(iii) Lower labor costs are network infrastructure costs, data cen 
costs are ongoing facility maintenance costs are omitted. 
(iv) High availability Internet connections from hosting provider 
(v) Allows existing applications to be moved into the cloud with 
minimum of modification. 
Disadvantages of IaaS — 
(i) Perceived loss of control of assets and physical security, 
(ii) Network outages (local connection to Internet or the Int 
itself) means complete service loss. 
(iii) More Internet bandwidth required from facilities. 
(iv) Possible loss of logical security, concerns of information leak 
from one customer to another. 
(v) Compliance auditing (i.e. SBOX) may become more com 
as there is no direct control of assets located within cloud. 
Advantages of PaaS — 
(i) Quick addition of capacity ~ elastic to grow and shrink as ca 
requirements change. 
(ii) Hardware, network and data center infrastructure costs 
eliminated. 
(iii) Some software costs (OS and support software) are elimina 
(iv) Initial pre-configuration of core-OS and some support softw 
is eliminated. 
(v) High availability Internet connections from hosting provider. 
Disadvantages of PaaS — 
(i) Less application flexibility as applications must conform to 
defined platform template. 
(ii) Only certain types of applications are suited for this m 
depending on specifies of platform. 
(ui) Less portability of existing applications as constrained to a si 
pre-defined platform configuration. 


demand (i) Easy and quick tear down, on demand when need for the 


jication subsides. 
T (i) No long-term contracts means can be used for short-term 


M 
bursting (iv) Low per-user cost. 
(v) Low client requirements. 
pisadvantages of SaaS - 

(i) May run slower when Internet in heavily loaded. 

(ii) Often "one size fits all” customization/flexibility are limited. 

(iii) Provider “lock in" is very likely, difficult or impossible to switch 
vendors. 

(iv) Security is a concern, data leakage for example. 

(v) Ability to audit and traceability are concerns. 


Q.37. Explain in detail about application level security in — 
(i) SaaS (ii) PaaS (ili) laas. 
[R.GP.V, Nov, 2018 (MCA)] 

Ans. Application or software security should be a critical element of a 
security program. Most enterprises with information security programs have 
yet to institute an application security program to address this realm. Designing 
and implementing applications aims at deployment on a cloud platform will 
require existing application security programs to reevaluate current practices 
and standards. The application security spectrum ranges from standalone single- 
user applications to sophisticated multiuser e-commerce applications used by 
many users. The level is responsible for managing - 
(i) SaaS application security 
(ii) PaaS application security 
(ui) laaS application security 
(iv) Application-level security threats 
(v) End user security 
(vi) Customer-deployed application security 
(vii) Public cloud security limitations. 


| À 
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| ‘res the security aspects for application developed in an laas 


(i) Application Security in a SaaS — SaaS vendors provide | | describes - ice providers create virt i 
infrastructure and applications to users on the pay-per-use model. The , | secti0” ent. In piis de vices. To meet th e our ye M'A) Gl 
iron” external storage devices. eet ie Various types of security 
| of 


of user accounts, and amount of utilization of the application. cial 
meet 


veral 


per month paid to the SaaS provider is based on the modules selected, E e ts, and mitigate incessant threats, IaaS providers offer spe 
iremen? ication developers i ; 

(ii) Application Security in PaaS — PaaS vendors provide ei 008 to heP es bea beuediu an and 
infrastructure, application building blocks, compilers, and a rund ser ance mu de following y and block se 
environment to develop and host applications. These blocks could be sind e These include 
to those used internally within an enterprise; however, one needs to co f (a) dWAF - It allows a set of rules to be applied to Web-based 
certain security in applications in order to cover multi-tenancy and thou nication to accept or drop packets based on port number, source, 
of users who have potential access to the platform. Application security commu" IP addresses, and other parameters. 
been a problem long before the arrival of PaaS. Some of the ways to pro, des? (b) Host-based Intrusion Detection Systems (HIDS) — It 
data in a PaaS environment are as follows — l d reports if any user or application has circumvented the laaS host 

(a) Testing for Vulnerabilities — Several tools have bẹ mon" licy. 
developed to identify application vulnerabilities. Some good ones are descri security PO " Host-based Intrusion Prevention Systems (HIPS) — It 
at the Open Web Application Security Project (OWASP) site (ht laaS host for suspicious activities by analysing the events 
www.owasp.org). It lists several, battle tested tools, to protect the Web bay monitors each d takes steps to stop such activity, It blocks the malici 
applications from security threats. These can be effectively used to hardenf within the host an the bad packets, resetting he connection j pde 
cloud applications. OWASP is a non-profit organization, dedicated to improyg activity by dT0PPInE nee à din IP iilis orisa , j entirely 
application security. by providing tools and best practices to discover desijblocking traffic from the otte E ork to and from the 
and implementation defects and to protect against the flaws. JaaS host. 


Q.38. Define cloud computing. [R. GP.[V., Dec. 2015 (MCA)] 


Ans. The term cloud computing refers to the means of providing any and 
all information technology from computing power to computing infrastructure, 
(c) Logs — All activity and security events must be logged applications, business processes and personal collaboration to end users as a 

the data must be protected through encryption. The log must be regulalservice when they require it. 
scanned for indications of security threats. 


tors an 


(b) Tools — The cloud provider should be able to provide t 
to identify security issues and scan Web pages. You must continuously 
Web pages for common security issues such as XSS and SQL injections 


The term cloud in cloud computing means the set of software, hardware, 
(d) Application Keys — All API calls to the platform or servidnetworks, storage, services, and interfaces that combine to provide aspects 

within must require an application key. The cloud application must h of computing as a service. 

provisions to maintain and secure the key along with the other credentials} — A definition given by American National Institute of Standards and 
(e) Secure Protocols — For Simple Object Access ProtogTechnology (NIST) is as follows — 


(SOAP) based messages, secure protocols such as Web services sec Cloud computing is a model for enabling convenient, on-demand network 
must be used. It provides a foundation for implementing security functidaccess to a shared pool of configurable computing resources (for example, 
such as confidentiality and integrity for Web based application. It is maintain networks, servers, storage, applications, and services) that can be rapidly 
by OASIS (Organization for the Advancement of Structured Informatiprovisioned and released with minimal management effort or service provider 
Standards), an international, non-profit consortium, which is focused on o interaction. 
standards adoption for applications. Cloud applications must use Secure S 


A singl i ing i ivac 
Layer (SSL), whenever possible. gle area of concern in cloud computing is undoubtedly be privacy 


K is a "M - = security. When your data travels over and rests on systems that are no 
(iii) Application Security in an IaaS — For application within {longer under your control, you have increased risk due to the interception and 


enterprise, several internal controls exist to protect the data. In a cloud, malfeasance of others. You cannot count on a cloud provider maintaining your 
corresponding security controls must be coded within the application. TlPrivacy in the face of government actions 
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idly deploy applications over the Internet and leverage new 
(o services when, where and how your clients want them-before 
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Q.39. What makes cloud computing so interesting to IT stake holy 
and research practitioners ? Explain it by listing essential cloud comp, 
environment and cloud service requirements. [R.GPV., Dec. 2014 (hi 

Or 
Why organizations are adopting the cloud for business and IT, perspecti 


lve 
Explain. [R.GP. V., Dec. 2015 (MC, 


Ans. Cloud computing is an emerging style of IT delivery in whi i 
applications, data and IT resources are rapidly provisioned and provide , comp" | 
standardized offerings to users over the Web in a flexible pricing model, Cl; withou ae mic infrastructure depends on an architecture that contains 
computing can significantly reduce IT costs and complexities. It is a Way pe initiatives — 
managing large numbers of highly virtualized resources such that they resem] the follo , Asset Management — Provide maximum value of important 
a single large resource. There is a greater need for IT to help address busin (i) 4 IT assets over their life cycle with industry tailored asset 
challenges and cloud computing can help you do all of these — pusiness en solutions. 
€ Service Management — Across all the business and IT assets, 
m control and automation to give higher value services. 


lain cloud and dynamic infrastructure. 
[R.GB.V, Dec. 2014 (BE)] 
‘ents can access standardized IT resources through cloud 


ploy new applications, services or computing resources fastly 
gineering their entire infrastructure, therefore making it dynamic. 
reen 


40. EXP 


(i) Reducing Risks — Ensure the right level of security and resili 
across all business data and processes. 


(ii) Doing More with Less — Reduce capital expenditures a offer V5! 


. (ii) Virtualization and Consolidation — Decrease operating costs, 
operational expenses. 


ahance responsiveness and fully use resources. 
€ p . 
(iv) Energy Efficiency — Across the business and IT infrastructure, 
: ; inabili llenges and opportunities. 
(iv) Higher Quality Services — Improve quality of service on deli deals with environment, Pads x SM : basi T btai 
new services that help the business grow and reduce costs. (v) Information Infrastructure — Support businesses obtain 
Cloud services today are delivered in a user-friendly manner and offered objectives like nM camplianos; avanepEl) iA apii is 
an unprecedented scale. The payment model is pay-for-what-you-use and (vi) Resilience — While quickly changing an responding to ris 
as-you-go, eliminating the need for long-term contract and an up front investmejand opportunities, handle continuous business and IT operations. 


This presents a less disruptive business opportunity for businesses with sp (vii) Security — Offer end-to-end industry customized governance, 
or unpredictable IT demands, as they are able to easily provision massive amo risk management and compliance for businesses. 
of resources on a moments notice and release them back into the cloud just 
quickly. Following are the some reasons for adopting the cloud — 
(i) Pay per use 
(ii) No hardware or software to install 
(ili) No long-term commitments 
(iv) Massive, Web-scale abstracted infrastructure 


(v) Dynamic allocation, scaling, movement of applications. 


(iii) Breakthrough Agility — Increase ability to quickly deliver 
services to capitalize on opportunities while containing costs and managing ri 


0.41. Explain briefly the cloud infrastructure self-service. 
[R.GB.K., Dec. 2017 (BE)] 


Ans. In cloud infrastructure self-service, the cloud delivers the application. 
Users do not require any support to manage the resources. Console is provided 
by the cloud provider. Users uses this console to add a server instance or extra 
Storage or a new CPU core. It helps in decrease IT support and infrastructure. 
i l ; Users do not require a permitted system administrator to maintain storage, 
This results in business and IT aligned benefits — j| Mailboxes and collaboration portal because a non-technical person can also 

(i) Lower IT barriers to launch new business services Perform these tasks, Infrastructure vendors builds the templates of cloud 
(i) Provide an effective and creative service delivery model — | 9 Putingon time. These templates are obtained by users from the catalogues 
(iii) Accelerate innovation projects that can lead to new revenue | °! ^ 9ud services, P re-defined configuration included in these templates. These 
(iv) Deliver services in a less costly and higher quality busi E configuration issue by user for configure the cloud service. User 
model, while providing service access ubiquity “se template technical information for setup ready to use clouds. User 


^ 
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uses these template matter to move the applications among cloud through | 

cloud selfservice portal. Developers may create a catalogue of cloud Sen, 

through cloud templates. Templates also describe about how to run sip: 

applications on different platform like cloud based on VMware or A ne 

web. 

Q.42. Discuss the different barriers of cloud computing. 
[R.GP.V., Dec. 2013 (BE), June 2015 (M, 
Or 


Discuss the problems associated with cloud computing. 
[R.GP.V., Dec. 2016 (By 


Ans. Some major barriers identified by IT organizations to large s. 
adoption of cloud services are as follows — 
(i) Security — Security concerns are similar to a traditional ġ 
center and network in a cloud environment. The overall security risks 
perceived as higher for cloud services since most of the information excha 
between the cloud service provider and the organization is done over the W 
or a shared network, and because IT security is entirely handled by an exter 
entity. Some additional factors cited as contributing to this perception 
limited capabilities for monitoring access to applications hosted in the clouz 
belief that multi-tenant platforms are inherently less secure than single-ten 
platforms, limited knowledge of the physical location of stored data and 
use of virtualization as the underlying technology, where virtualization is se 
as relatively new technology. 
(ii) Integration and Interoperability — Identifying and migrat 
appropriate applications to the cloud is made complicated by ¢ 
interdependencies typically associated with business applications. Integrat 
and interoperability issues include a lack of standard interface or APIs 
integrating legacy applications with cloud services. This is worse if servi 
from multiple vendors are involved. It also includes software dependenc 
that must also reside in the cloud for performance reasons, but which may 
be ready for licensing on the cloud. There are worries about how dispar 
applications on multiple platforms, deployed in geographically disp 
locations, can provide the expected levels of service and can interact flowle: 
(iii) Governance and Regulatory Compliance — Large enterpr? 
arc ensuring data privacy, and still trying to sort out the appropriate c 
governance model for cloud services. For large organizations, quality of seri 
is still cited as a major concern. Not all cloud service providers have well defo 
SLAs, or SLAs that meet stricter corporate standards. Recovery times may 
stated as ‘as soon as possible’ instead of a guaranteed number of hours. In 
cloud provider's SLAs, corrective measures are often fairly minimal and do 
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the pote" 
no 


cloud - for a comp 
ce is depen 
| of both the customer an 
* LJ 
a 43. Define cloud services. 
: Web-based application or service offered via cloud computing 


Ane ju service. Cloud services can include anything from calendar 
is ae ict applications to word processing and presentations. 
an d What are the advantages of cloud services ? 
Ans. If the user’s PC crashes host application and document both remain 
ted in the cloud. An individual user can access applications and 
oa ts from any location on any PC. Because documents are hosted in 
ae multiple users can collaborate on the same document in real time, 
ae um available Internet connection. Documents are not machine-centric. 
Q.45. What services should be provided by cloud computing vendors ? 
Ans. Cloud computing vendors provide point-solution and product 
offerings. On the other hand, one should provide comprehensive, asset-based 
solutions to deploy dynamic infrastructure, which is needed for a cloud delivery 
model. These services are designed to provide business outputs to our clients. 
The following benefits should be provided by an approach to cloud computing — 
(i) Services intended at specific infrastructure workloads to support 
accelerate standardization of services, providing productivity gains and fast 
client payback on their investment. 
(ii) To offer visibility, control and automation in IT and business 
services, a service management system is embedded with cloud services. 
There should be infrastructure strategy and planning services for cloud 
computing to support companies plan their infrastructure workloads through 
the suitable cloud delivery model. Cloud strategy, cloud assessment, design 
and development of a cloud roadmap and return on investment (ROI) assessment 
by workload are specific assistance. Clients should begin with a strategy and 
dimer consulting engagement, and a pilot implementation of a key workload 


0-46. Explain the different cloud services requirements. 
x [R. GP. K., June 2016 (BE)] 


d the cloud service provider. 


Ans. Major cloud services requirements are as follows - 
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(i) Security — The resource pooling characteristics of cloug 

computing permits users to dynamically share physical and virtual l'CSOUrCes 

High security concerns are usually associated with virtual environments Which 

include virtual components like hypervisor for running virtual machines and 

virtual environments for virtual machines communications. An organization 

that contain its own IT components in it premises can apply and monito, 

proper security policies and controls especially for identity management, Asa 

result, it is a priority to choose a cloud service which supports suitable anq 
adequate access control and authentication mechanisms. 


| (ii) Privacy — Organizations are often uncertain when it comes to 

managing and storing sensitive information in the cloud. Privacy is an importan, 

issue to be addressed in the direction of raising users' trust in the cloud 

computing paradigm. The geographic location of data stored in a clouq 
environment is usually not revealed to users. This lack of transparency raises 
high concerns especially that privacy regulations and policies differ from one 
country to another. 


(iii) Availability — Most organizations need maximum availability levels 
of their computing resources provided by the cloud services. Cloud services 
have recently experienced failures resulting from several factors including 
security attacks, natural disasters and infrastructure outages. Cloud computing 
environments need to make serious provisions to react quickly and efficiently 
o such outages and ensure continuity of cloud services. Thus, the ability to 


fficiently and seamlessly recover from outages is an important factor to 
nsider when comparing cloud services. 


(iv) Flexibility — Cloud computing service providers should be able 
to offer flexible plans and services that allow an enterprise to quickly and 
efficiently adapt to changes in their goals, customer demands and global changes. 


(v) Archiving — Archiving provides long term storage of data that is 
no longer momentarily needed keeping archived data imposes high storage 
demands and also require additional backup and restore feature for the 
consumers. It may also imposes some additional costs on the services. Hence, 
acloud computing service with an archiving feature and easy access to archived 
data is among the essential requirements for many organizations. 


(vi) Scalability — Cloud scalability is one of the most important 
factors in providing successful cloud services. It is mainly enabled by increasing 
the capacity and number of IT resources. 


Q.47. Discuss cloud service management in brief. 


Or 
How cloud services are managed ? Explain in detail. 


[R.G.P.V., May 2019 (MCA)] 
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control, visibility and automation required for efficient cloud 
Ans: ‘ded by a service management system in both public and 


pe ment 
si c imple Make Easier User Interaction with IT — 
(i) 


(a) User friendly self-service interface accelerates time to value 
(b) Service catalouge allows standards that drive consistent 


ivery- r E 
d ps Allow Policies to Lower Cost with Provisioning — 


service "7 
i T 
(i (a) Reuse and release of assets are allowed by provisioning 


policies (b) Service delivery is increased by automated provisioning and 
se ered System Administrator Productivity — Move from 
adea to a service management system. 
misa lopment of cloud deployments is prompting enterprises to either 
E uh on cloud brokers or assemble in-house teams to manage 
look R nd service providers mainly because of the following reasons — 
2 A mechanism is required by every service-oriented approach to 
it discovery and end-point resolution. 
E (ii) Cloud services delivered across firewalls require a third party 
a service broker. 
uc t) Registry or repository technology offers this where service 
ivery is within the firewall. 
py computing, leveraging service brokers will possibly become a 
crucial success factor because cloud services multiply and expand faster as 
compared to the ability of cloud consumers to manage or control them. To 
utilize services in a reliable way, the growth of service brokerage businesses 
will increase the ability of cloud consumers. Cloud service providers are 
expected to start to partner with cloud brokerages to make sure that they can 
deliver the services they develop. These cloud intermediaries will gon 
companies to select the right platform, deploy apps across different MER 
and perhaps even give cloud arbitrage services that enable end users to shi 
between platforms to take the best pricing. 


-46. Li i loud computing services. 
0.48. List the companies who offer c p n MATE 
Ans. There are several companies which offer cloud computing services ^ 
(i) Amazon web services (ii) Microsoft Azure 
(ii) IBM cloud (iv) SAP 


— —MÀ—— a — 
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. . „uss the advantages and disadvantages of cloud computing, 

(v) Verizon cloud (vi) Egnyte 0.5". a die limitation of cloud computing. 

i ia os "PE, 
(vii) Dropbox (viii) Navisite write [R.GP.V., Dec. 2017 (BE)] 

Also 

ix x) Salesforce ade 
(ix) Oracle cloud ( pde ;, Advantages of Cloud Computing Refer to Q.49, 
(xi) Red Hat = s An ' vantages of Cloud Computing — When we use an application or 
(xiii) VMware xiv) Adobe a 


pisa he cloud, we are using something that is not essentially as 


(xv) Google cloud platform. service p as we might wish. In addition, applications deployed on-premises 
i Q.49. What is a benefit of cloud computing over traditional computing » customza so many features compared to their cloud counterparts, although 
[R.GP.V., Dec. 2014 (MCA n still d computing applications are very capable. 

i Or many € ting applications have inherent latency which is intrinsic 

| : : ud computing "in 

| What are the benefits of adopting cloud computing ? List some of an connectivity. If your application demands huge amounts of data 
them. [R.GP.V., June 2015 (MCA) | in their loud computing may not be the best model for you. However, cloud 

Or transfer, € 


ne applications excel at large-scale processing tasks. 
OER a cloud computing is a stateless system, as is the Internet. It is 
ne saa ool in nature in order for communication to survive ona 
essen 
pu um is privacy and security. When data is travelling over and 
Nus systems that are no longer under your control, there is increased 
risk due to the interception and malfeasance of others. 


Discuss the benefits of cloud adoption and rudiments. 
[R.GPV, June 2016 (BE) 


Ans. Benefits by adopting cloud computing are as follows — 


(i) Availability of Resource — One of the most general advantage is 
facilitated by virtualization is resource availability. Also, resource availability 


helps to leverage and track resource pool under the same umbrella of resource 


Units Limitations of Cloud Computing — There are several limitations of 


cloud computing are given below — 


(i) Network Connection — Network connection should be reliable 
at client side. Problem in network connectivity will affect the accessing capacity 
of cloud. Upload and download speeds are slower as compared to that of a 
local server. 


(ii) Control of Data Security — The client data does not secure in 
public cloud because client cannot control security of his data. Hacker can 
affect the client data by hacking or phishing attacks in cloud. Malware can 
easily spread in cloud because all servers are connect to each other in cloud. 


(iii) Additional Costs — Cloud computing offers many cost benefits 
yet there are some hidden or additional costs, Client has to pay extra for data 
transfer and other services. 


(ii) Hosted Tools — By using hosted tools, the developers and testers 
can simply log in to the tools and use the services over the network. Due to 
these tools, the tester and developers need not run, install, configure or maintain 


tools on their systems as they can log into the tools from any machine on the 
network maintaining the tools. 


(iii) Self-service Capability — They are capable of self-service, once 
somebody deploys the cloud services. Now testing teams can use the same 
services over the cloud and do not have to purchase the computing services 


and it minimizes the procurement process. Thus, they can concentrate on the 
testing efforts and services. 


(iv) More Mobility — Peoples can access information wherever they 
are, rather than having to remain at their desks. 


(v) Operating Efficiency - Sometimes development teams and test 
teams may differ in their conventions and configuration. As a result the 
application behaviour to be different from the desired one also the delay services. 
The template based approach is more transparent, with its solution stacks or 


hardware, configurable applications and Operating system. This approach help 
the teams to understand the environment better. 


(iv) Peripherals — Printers and scanners do not work with cloud. 
Many devices requires software to be installed locally to work on cloud. 
(v) Integration — Integrating internal applications with those on cloud 
cult and many time it does not possible. 


_ Wi) Generic — Public cloud provides very generic and pepe 
Services, So many organizations cannot comfortable with it. In-house clou 


are diffi 


a 


50 Cloud Computing (VIII-Sem) 


implementation is very difficult and onerous on internal resources if organiza 
5 not large. r 


Q.51. What do you mean by hypervisor virtual machine (HVM) p 
Or 
Explain what do you understand by hypervisor management softy, ; 
and their requirements. [RGEV, Dec. 2013 (Bp, 
Or 
Explain virtualization hypervisor management software. 
| [R.GP.V,, June 2015 (Bb, 
| Or 
Write a detailed note on hypervisor management software. 
| [R.GPM, May 2018 (MCA) 
Ans. There is a companion layer of hypervisor management softwa 
for each hypervisor. This layer offers various functions such as create virty, 
machine, move virtual machine, delete virtual machine, etc. for Poy 
Systems, Systems Director or the Power HMC as the hypervisor manageme 
function controlling the PowerVM hypervisor. For each 'Hyperviso; 
Hypervisor Management Software’ pair, a unique set of APIs and GUIs i 
available that is used by the client IT staff and by ISVs to create managemer 
services or other applications. There is a freedom to make one's ow 
hypervisor management software with open source hypervisors like KVN 
and Xen. 

The foundation for virtualization on server is hypervisor. It enable 
hardware to be partitioned into multiple logical portion and make sure isolatio 
among them. Ethernet transport mechanism and Ethernet switch that ar 
required for virtual LAN capability are supported by hypervisor. To provid 
support for virtual storage, hypervisor supports virtual SCSI. A globi 
firmware image situated outside the partition memory in the first physici 
memory block at physical address zero is hypervisor. As soon as system | 
switched on, hypervisor takes control and collect information about CPU 
memory, I/O and other resources. All the specified resources and oth 
resources that are GLOBAL to the 
System are contolled and owned by 
hypervisor. Hypervisor allows the 
setup of logical partitioning and 
corresponding partition boundaries. 
Hypervisor tracks resource assigned 
| to partition and offers isolation 
| between partitions. Hypervisor is 


Fig. 1.19 Hypervisor Layer 
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anal memory management employing a global partition 
P catty 9 hysical memory is divided into physical memory blocks 


blocks i5 done into logical memory blocks, The hypervisor 
memory space and manages memory allocation to 
ag obal partition page table. This guarantees the isolation for 


e different types of hypervisors with example and block 
pue list the advantages. [R.GE, Dec. 2013 (BE)J 
" pervisors are classified into two types - 

y qype 1 (Bare Metal/Native Hypervisor) — Software systems 
(i) A on the host's software as a hardware control and guest 
that run direct y monitor. A guest operating system thus runs on another level 
operat eni This is the classic implementation of virtual machine 
above the 


Atype-! hypervisor is a type of client hypervisor that interacts 
ache nardware that is being virtualized. [t is completely independent 


> fore 
ting system and boots bef 
fom e operating ST E) hypervisor LEOS] Loretos] [conos] 


are installed on a bare system. Examples 
of type-! hypervisors are LynxSecure, 
Oracle VM, VirtualLogic VLX, Sun xVM 
Server, RTS Hypervisor, etc. Type-1 
hypervisor is shown in fig. 1.20. E 

(ii) Type 2 (Embedded/Host Hypervisors) — Software applications 
that run within a conventional operating system environment. Considering the 
hypervisor layer being a distinct software layer, guest operating systems thus 
run at the third level above the hardware. A type-2 hypervisor ts a type of 
client hypervisor that sits on top of an operating system. A type-2 hypervisor 
relies heavily on the operating system. It 


cannot boot until the operating system is [custos] [ Guest 0s | [custos] 
already up and running and, if for any i | 
reason the operating system crashes, all 

end-users are affected. Examples of type- 
2 hypervisor are Microsoft Hyper V, Wind 
River Simics, Containers, VMWare fusion, 


KVM, Xen Windows Virtual PC, Parallels 


Desktop for Mac, etc. Type 2 hypervisor 
IS shown in fig. 1.21. 


ga peer 


System Hardware 


Fig. 1.20 Type-1 Hypervisor 


Host Operating System 


System Hardware 


Fig. 1.21 Type-2 Hypervisor 
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Advantages — Following are the advantages of hypervisor techn 
9 M: 


(i) The hypervisor is used as a layer of abstraction to isol 
D Ate 


Virtual environment from the hardware underneath. 

(ii) Hypervisor is implemented below the guest OS jn the 
computing hierarchy, which means that if an attack passes the security « 
in the guest OS, the hypervisor can detect it. ysig 

(ii) The hypervisor level of virtualization controls all t 
between the guests’ operating systems and the shared h 
Therefore, hypervisor is able to simplify the transaction m 
the cloud environment. 


(iv) Hypervisor controls the hardware and it is only way to q 
it. This capability allows hypervisor based virtualization to have a E 
infrastructure. Hypervisor can act as a firewall and will be able to E 
malicious users to from compromising the hardware infrastructure, "S 


t] 


he q 
ardware undep; 


onitoring Proces, 


Q.53. What virtualization platform does the chosen cloud comput 
service provider offer ? Does it enable the enterprise to move resour 
securely and freely, to and from the cloud, [R. GP.K., Dec. 2017 MC 


l Ans. Microsoft had developed microsoft hyper-v server in 2008. Iti 
infrastructure/server virtualization solution. Itis also known as window sA 
It uses a hypervisor based technique to perform hardware virtualization th 
leverages some methods to provide a support of different guest operati 
system. Hyper-V is a component of window server 2008 R2 which i 
the hypervisor as the server. Hyper-V leverages both paravirtualization a 
full hardware virtualization method hence hyper-V is hybrid solution 


i 


TILT COMPUTING, ELASTIC COMPUTING, AJAX — 
ASYNCHRONOUS ‘RICH’ INTERFACES, MASHUPS — USER 
X ASYNCHR INTERFACES” CoL ECEr? 
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Q.1. What is utility computing ? 
Ans. A vision of computing, defining a service provisioning model for 
ompute services in which resources like storage, compute power applications, 
d infrastructure are packaged and provided on a pay-per-use basis is called 
a utility computing. The idea of providing computing as a utility like natural 
gas, water, power and telephone connection has become a reality today with 
the advent of cloud computing. 

Very similar to the traditional real world public utilities (such as electricity, 
water, gas and telephone), their availability and usage charges, this model of 
computing services and resources are available to the users whenever they 
need them and they will be charged based on the amount of usage. This 
system ofpackaging the storage with computational resources requires minimal 
or no initial hardware costs. However, the mentioned resources are rented 
such that they should be paid to be used. The utility computing environments 
are currently deployed by establishing service-oriented grids. In this case, the 
present resources in grids are generally clusters, where clusters are formed 
from the high-speed interconnection of several standalone machine. 


Q.2. Write down the advantages and disadvantages of utility computing. 

Ans. Advantages — Following are the advantages of utility computing - 

(i) Low Costs — Using a utility computing provider for resources 

and services is far less expensive than buying and running computer hardware 

and operations in-house. Therefore, the users benefit reduced from operational 
IT-related complexities and costs. 


. (ii) Convenience — The client can rely on another prov 
services instead of buying all the required hardware, software and licenses. 


ider for 
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(iii) Compatibility — Companies can subscribe to a single pen; 
service and utilize the same suite of software or service all through the Vl, 
client organization. 
Disadvantages — Following are the disadvantages of utility Comput 
(i) Cost — This is also considered as a disadvantage, tt mi dii 
possible that a small business will choose to handle itè own computing 5 
if the fee to access and utilize the supercomputers is high. dr- 
(ii) Educating Consumers — Inadequate advertisin 


| g of Utility 
compunng to consumers, therefore, makes it difficult to sell these services i 
them. 

(iii) Safety — There is a probability that hackers may gain access to 


clients" files or use services without payment. 

(iv) Reliability - Utility computing companies ma 
technical and equipment problems resulting in closure of busin 
to their financial situations. In these cases, clients may have 
curtailed. 


y experience 
Css According 


0.3. Write short note on clastic computing. 


Ans. \n cloud computing, elasticity is described as the level to which a 
system 1s capable of adapting to workload variation by offering and taking 
back resources the autonomic way; at every point in time the accessible 
resources meet the present need. It is a vital feature, which distinguishes jt 
from earlier computing paradigms, like grid computing. This dynamic 
difierence, so as to meet an unreliable workload, is known as elastic computing, 
Elastic computing is offered by cloud computing where computing resources 
may be scaled up and down by the cloud service supplier. Elastic computing is 
the capability of a cloud service supplier to provision flexible computing strength 
when and where required. The elasticity of such resources may be in terms of 
bandwidth, storage, processing power, etc. 


0.4. Describe AJAX technology in brief. 
Or 
Define Ajax. (R.GP.V, June 2016) 
Ans. AJAX stands for Asynchronous JavaScript and XML. Asynchronous 
ause it does not disturb the user's work, and does not refresh the full 
screen, JavaScript because it uses JavaScript for the actual work and XML 
because XML is supposed to be everywhere today. AJAX is a new technique 
of Web programming and its primary components are JavaScript and XML, 
AJAX is a technique, which describes how other technologies, JavaScript, 
DOM, and XML can be used together for developing interactive Web 
applications. These applications are based on AJAX Web application model, 


bec 
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Script and XMLHttpRequest object for asynchronous da 
as ta 


og, when we used to create a Web applicatio 

y pn ologies. the application based on these 
fy, Even the end-user could not work on 
ely. E 


Tro application. To overcome this, Jesse James Garrett of 
,skto P" : combined JavaScript, XML, and DOM together to form a new 


d AJAX. In this technique, the request to the Web server is 
. XMLHttpRequest object. This object, a part of JavaScript 
kalps i sending asynchronous request to the server. With this 
anolog applications can now interact with Web server asynchronously 

quest We van be used for making user experience better by using clever 
AJAX "» communication between a Web browser (the client) and the 


n with JavaScript, 
technologies were 


«nos r. We can use AJAX in situations, where we want to Capture the 
» re user is typing or has typed, and process it while the user continues 
ma whatever he is doing. 
to l | 

Q.5. How does AJAX work : Egi in. 
rite short note on AJAX functionality.  (R.GPY,, June 2017) 


Ans. AJAX sends a request from the Web browser to the Web server 
ier AJAX needs to come into the picture based on the user action (e g., 
e ething is typed). On the Web server, a program written in a server- 
meina receives this request. Now, a program on the Web server 
: d this request, and sends a response back to the Web browser. Note 
wie user does not know that the Web browser has sent a request to the 
Web server while this happens. The response received from the Web server is 
processed by the Web browser. Then, the Web browser takes an appropriate 


action, This concept is shown in fig. 2.1. 


AJAX Request Server-side | 

: Code |: 

AJAX Response | i 

Web Browser i Web Server 1 
Fig. 2.1 AJAX Process 


This works as follows — 

(i) While the user is filling up an HTML form on the basis of s 
specific event, the JavaScript in the client's browser prepares a ES " 
AJAX request (usually called as an XMLHttpRequest) to p MED ASE ET 

(i) While the user continues working as if nothing has happen 
the Web server invokes the appropriate server-side code. 
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new piece of informeztion in synchronous 
CITEN. 

This pariero of sequest-wait-response in 
classic web epplicztions is extremely 
tuniicsume. h also lowers overall productivity. 
The clessic web zpphicztion model has many 
Grewbacks such zs large response time that 
makes it sluggish, loss of states, usage of 
excessive bandwidth, less interactive nature of 
zpplcztion and redundant data in transmission 
code which unnecessarily makes the code heavy. 


Fig. 2.2 Synchronous 
Communication 
Q.7. Discuss about the asynchronous communication used in Ajax web 
applications. 
| | Ans. In asynchronous communication data can be transmitted intermittently 
instead of ina steady stream. The web application model in asynchronous 
communication 1s composed of independent and interactive web components, 


pri 
came P web page. small 


Java Script 
Coll 


e, ioh sll codes of 

5 - o tht Api engme. 

irog ino. ae 
apes of asynchronous = 
z C. on wih Ajax engine z 
de > They ae zs follows — = 
(i) User Generates an = 


update, instead updates can be 
experienced in parts. 
(ii) User Generates a 
Request and Send Indirectly to uU 
Server — In this case also, an event Fig. 23 Asynchronous Communication 
is triggered for Ajax engine and after that first scenario is followed. 
(iii) User Generates Event, but does not Send any Request to Server - 
In this case, though event is generated by user, it is not necessary that it sends 
request to server. In such cases JS (JavaScript) can update component with 
the help of HTML, CSS and JS functions, with the help of data on the same 
page, without triggering any event for Ajax engine. . 
(iv) Before User Generating any Event or Request, Ajax Engine 
Sends a Request to Server — In this case, Ajax engine sends request to server, 
Prior to user triggered event. Because of this process, whenever user reques 
aeei: event, results load very quickly, giving very fast and uninterrupted 
experience. ] 
Ajax engine adds asynchronous flair to the web application, by s 
and receiving data from server side asynchronously. Due to this behaviour 


ieee c ctc 


a | 


(a) Traditional Internet Application 
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Ajax engine, an undisrupted and fast responding wcb application 
experienced. Even if, Ajax model adds extra level in web application module ; 
makes overall application morc responsive and interactive, instead of slowint 
it down. In classic web applications, whole web page needs to reloaded s 
every user triggered event, Ajax eliminated this need-to-reload, Ajax ale. 
increases overall efficiency of web application, by providing updates Of specif, 
contain that user asked for, rather than updating entire page. This processe, 
saves lots of data transmission, leading to saving of bandwidth usage, Dus 
this, overall process becomes much faster and user experiences mo, 
responsive and richer interaction with web. Z 


Q.8. Explain traditional vs rich internet application. 


Ans. A base HTML page is loaded along with JavaScript code tha 
the remainder of the user interface. This JavaScript program rende 
user interface that can often look like a traditional client- 
When data is required from the server, asynchronous re 
REST web services, which return JSON structures that are directly used by 
the JavaScript code running in the browser. Because of the nature of the 
HTTP protocol, a web server expects that an incoming request from a single 
client session will not be followed by another until the server has responded to 


t contains 
rS à ‘rich’ 
Server application. 
quests are made via 


Rich Internet UI 


Largely JavaScript 
Some HTML 


JavaScript 


Functions 
HTML Forms UI 


Largely ITME 


AJAX Controller 
Some JavaScript 


Queues Request, 
Call Response Handlers 


HTML + JavaScript Code 


KEST Service Cells 
JSON Over HTTP 


HTML Over 
HTTP 


HTTP Server HTTP Server 


Accesses DB, Returns JSON 


(b) Rich Internet Application 
Fig. 2.4 
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t. If a client violates this protocol by sending many re 
ese will be ignored and at worst som quests at 


c poorly im l 
sh! Therefore an AJAX controller is required EHE 
zc 
> each request is u 
he server only after the previous request has eedah = 


Cgistered with 
interactive yet 
le. Using this 
provide a user 
y run inside the 
enterprise users, 


perience rds making SaaS offerings more acceptable to 
c using AJAX, services from multiple could providers can be integrated 
Furthe M browser, using JavaScript, instead of using more complex server- 
Vm tegration mechanisms based on web services. The traditional and rich 
si 


internet applications are shown in fig. 2.4 (a) and 2.4 (b). 
i 


Q.9. What are the advantages and disadvantages of Ajax ? 
Ans. The advantages of Ajax arc as follows — 
(i) Open Source — Ajax is a unique combination of existing open 
source technology. 
(ii) Compatibility — Cross-browser and cross-platform compatibility. 
Also compatible with existing technologies. 
(iii) Optimization — Code can be easily separately optimized in small 
parts. 
(iv) Minimize Cost of Development — Ajax application can be 
developed with just simple notepad. 
(v) Fast — Ajax applications are faster than traditional web 
applications. 
(vi) Enriches user Experience — Ajax applications provide more 
interactive, optimized, and dynamic web contain. 
The disadvantages of Ajax are as follows — 
(Ü JavaScript — More use of JavaScript for interaction. — 
(ii) Complexity — More complex than traditional web applications. 
à (iii) Coding — Adding extra layer to existing web model needs more 
co Ing. 
(iv) Internet Explorer — Different code for internet explorer. 
(V) Old Browsers — More bulky and separate code for old browsers. 


0.10. Explain the security issues of Ajax. 


T " an ric 
. , Ans. Ajax is combination of many technologies. Very common and gene 
risk in Aja 


° : z used 
* application development is not knowing all the technologies 
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ign code is a valid security concem especially in the enterpri 
se 


„g forel 
ag IE t code normally cannot access resources on the client 
from the browser and network, so it may appear that there is 


ty threat, unlike say ActiveX controls which have essentiall 
ş to the desktop once a user installs them, y 


example iS Google Maps, which is po 
NS ations. Google provide maps API whic 


in Ajax building. By not knowing them, there is always risk of Creating | 
holes or generating any vulnerability in the application. 

The heart of Ajax is object XHR. XHR is based on JavaScript and 
can cause trouble, Because JavaScript is visible in client side browser, amy, 
intentional person can edit that code and can be used to validation Procesy 
One ofthe major problem is in server-side, if there is no validation on data, h 
such case, there is great risk of exposition of vulnerabilities like SQL injection 
Another problem is mal-practicing of programming. Sometimes programme, 
writes code for client side and includes validation process for server s de 
This problem becomes grave danger, when web application access many 
different servers for information and validation code is written on the client 
side, In such scenario, validation code should be on the server side, or for 

more security, validation code should be written on one server and then ftom 


0p, 


tha 
pular interface to many 


hare used by programmer 


and present the 
the map, 


12, What are the types of mashups ? Explain, 


the central server, other server validation should be done, instead of User 0 e are numerous types of mashups such as business mashup 
interacting directly with other servers. The validation request sent by XMR i Ans. te sud diis liuc , 
i web applications. Validation and analysis o gumer MASP» 
ee area id chan PASO eque n i) Business Mashups — These mashups are web applications that 
to server is very important to avoid any mishap in security. (i) ia eu i 
0.11. What do you mean by mashup ? Explain. integrate their own ae Neo services. It is 


{to allow collaborative action among businesses and developers, Business 
oe are secure and usually visually rich web applications that expose 
vii information from diverse internal and external information sources. 
ài 


Ans, The term mashup is used in Web 2.0. In Web 2.0, mashup can bea 
web page ora web application that integrates contents such as data, presentation, 
or functionality from different sources to create a new service, The content 
can be obtained through a public interface, obtained from RSS/Atom, or 
provided by third party. More and more web applications have published their 
APIs to allow other users like software developers or web page developers to 
use, Developers can use these APIs to integrate data or functionalities into 
their own service instead of building them from scratch by themselves, The 
new service depends on how the developer integrates the data or functionalities 
from APIs. Developers can mashup with multiple data sources like maps, 
photos, bookmarks into a new service they desire. 

Mashups are interactive web applications that take content from different 
sources and present them in entirely new and unique manner. The web is 
continuously growing and becoming more social and open. Because of this 
continuous growth, many websites have made their API publically available to 
the programmers that allow them to get information and build interactive 

applications. From a user perspective, mashups make it easy to consume web 
services. In fact, the actual service call need not even be a REST service, and 
may instead involve proprietary AJAX-based interaction with the service 
provider. In this sense, mashups make the issue ofa published service standard 
| using REST or SOAP/WSDL irrelevant; the only thing that is published is @ 
JavaScript library which can be downloaded at runtime and executed by 4 
client application, At the same time, the fact that mashups require downloading 


(ii) Consumer Mashups — These mashups integrate different 
visualizations and data elements from multiple public sources to createa simple 
browser user interface that is more appealing consumption of information, 


(iii) Data Mashup — lt is opposites of consumer mashup, It 
integrates the same data level, whether it’s integrating files, database, external 
web service APIs from different multiple sources into a single representation. 
The most common type of mashup is the consumer mashup, aimed at the 
general public, 


| 


SERVICES VIRTUALIZATION TECHNOLOGY ~ VIRTUALI- 
ZATION APPLICATIONS IN ENTERPRISES, PITFALLS OF 
| VIRTUALIZATION , 


p 


0.13. What is virtualization ? [R.GBV, Dec. 2016 (BE)] 


Ans, The technique of masking and abstracting physical resources 1s 
known as Virtualization, Virtualization makes easy the infrastructure and 
"n Ommodates the increasing growth of business and technological changes. 
in; roves the capability and utilizations of IT resources, like networks, servers, 

"ope devices, beyond their physical limits. Virtualization facilitates resource 


a 
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management by storing and pooling resources for high utilization, |t m 
them seem as logical resources with increased capabilities. ak 

In case of infrastructure-based services, virtualization technolog i 
considered as one of the fundamental components of cloud compu, 
Virtualization enables creation of secure, customizable, and isolated exec! 
environment for running applications, without influencing other Use! 
applications. In addition, virtualization technologies not only give a virt 
environment for executing applications, but also for memory, Storage, a 
networking. Virtualization offers a great opportunity to construct Clasticay 
scalable systems that are capable of provisioning additional capability Wii 
minimum costs. Thus, it is largely used to provide customizable computin 
environment on demand. 

The three main components in a virtualized environment are gues 
virtualization layer and host. The system component that interacts with t 
virtualization layer is represented by the guest. The virtualization layer; 

responsible for recreating the same or a different environment where the gy 
will operate. The original environment where the guest is supposed to 


managed is represented by the host. 


Q.14. Define virtualization ? Why virtualization is important in clo 
^c  [R.GP.K., May 2019 (BE) 


computing ? 

Ans. Refer to Q.13. 

In cloud computing environment a very popular concept is used know 
as virtualization. Cloud systems use virtualization concepts as a tool to enab 
better functionality and more advanced features within and across late 
technology. 

Virtualization is critical to cloud computing because it simplifies 
delivery of services by providing a platform for optimizing complex I 
resources in a scalable manner, which is what makes cloud computing s 


j 


cost effective. 
Virtualization has three characteristics that make it ideal for clov 

computing- 

() Partitioning — In virtualization, we can use partitioning ! 
support many applications and OS in a single physical system. 

(i) Isolation — Because each virtual machine is isolated, ead 
machine is protected from crashes and viruses in the other machines. 

(iii) Encapsulation — This can protect each application so that! 
does not interfere with other applications. Using encapsulation, a virtual machi’ 
can be represented as a single file, making it easy to identify and present! 


other applications. 
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architecture of a computer System before and aft 
er 


s the 
piscus: [GRY D 
on 4ional computer system runs with hardwa ai di MERE 
yir A traditio m is designed according to hardware adieu 


15 ; syste 
ba operation, > serating systems can run on same hardware and manage 
55" yjrtualiZ®" eons and independed from host operating system, This is 
After bi applic additional virtualization layer software. This Virtualization 
gh isor or virtual machine monitor. The virtual machines 
the external boxes where applications run with their own 


put resources. For virtualization, the main function of 
lize the host machine physical hardware into virtual 
e used by the VMs exclusively. This requires more steps for 
e virtualization software makes the virtual machine abstraction 
a virtualization layer at many steps of a computer system. 
layers include the instruction set architecture level, 


OS of Host 


Virtualization Layer 


Hardware Hardware Running the OS of Host 


(a) Computer System before (b) Computer System after Virtualization 


Virtualization 
Fig. 2.5 


Q.16. How are virtualization and cloud computing interrelated ? Explain 
[R. GP.V., Dec. 2017 (BE)] 


virtualization in cluster. 
Ans. Cloud computing can be perform without virtualization. Some 
hardware, OS and application clusters provide cloud services but it will be 
Very expensive and difficult. They provide limited features only but need a lot 
of work, Hypervisor vendors like VMware, Microsoft and Citrix systems 
focus on the technology of cloud, hence virtualization and cloud computing 
interrelate. Cloud computing is a growing technology and it will change the 

World of smart computing. 
iti ara Cluster — A physical cluster is a group of HIIS 
at distrib other through network. Virtual cluster is a network of \ . um 
uted servers from one or more physical clusters. In virtual cluster, 
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: : A > ugh a virtu 
virtual machines are logically connected sa g pete al Network . 
works. Physical machines or a machine 


many physical net ; 
dnd ers create virtual cluster. Virtual cluster h 


multiple physical clust 


boundaries. A . 
There are following design issues of virtual clusters — 


(i) Live migration of virtual machines. 


(ii) Virtual clusters dynamic deployment. 
(iii) Virtual clusters memory and file migrations. 
Dynamically provisioning virtual machines to a virtual cluster has follow, 
characteristics — l 

(i) Physical machines or virtual machines running different Oper; 
sysems like Linux, Unix on the individual physical machine are called y 
cluster nodes. 

(ii) Virtual machine on physical machine but the operating sy; 
of both are different. Virtual machine uses guest OS while physica] mach; 
uses host OS which manages resources of physical machine. 

(iii) Use of virtual machines is to consolidate various functionali 
on the same server these features increase server utilization and flexibility 
application. 

(iv) The number of nodes within a virutal cluster can increase 
decrease dynamically. 

(v) When any physical node has failed. All virtual machines ins 
on that mode will be disables but when vitaul machine has failed, host s 
does not affect. 


qj 


as digi 


Q.17. What are the objectives of virtualization ? 
Ans. The objectives of virtualization are — 

(i) Improvement of scalability 

(ii) Improvement of availability 

(ii) Improvement of maintainability 

(iv) Improvement of performance. 


0.18. What is management virtualization ? 
[R.GP.V., Dec. 2015 (MC 


Ans. Virtualization management refers to coordinated provisioning 
orchestration of virtualized resources, as well as the runtime coordinat 
of resource pools and virtual instances. This feature includes the 
and dynamic mapping of virtual resources to physical resources, and 2 


overall management capabilities such as capacity, analytics, billings, 
SLAs. 
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mparison be i izati 
5 ime down the comp tween virtualization and cloud 
0^7 
ing: ; irtualizati i 
a put "ss comparison between virtualization and cloud computing are as 
Aus 


irtualization Cloud Computin 
Vi puting 


sf the ordered substructure.| Brings resources of computing as 
a utility to client across the network. 


Cloud deals computing as a service 
instead of a particular technology. 


i itself is not 
„service layer itse j 
i ee to the client and without 


i 
on layer user cannot handover 
compute as utility. 


One probable utility that can be 


delivered. 
Can exist without the cloud. 


An access for the bringing of 
utilities to an clients. 


Can exist only with virtualization. 
Using cloud computing it is possible 
to use those resources on other 


level by giving access to elements 
when required. 


Virtualization allows itself an l 
arrangement to serve and effici- 
ently use its IT resources 


, Briefly explain the different types of virtualization. 
SA Lee [R.GP.V., Nov. 2018 (BE)] 


Ans. Following are the various types of virtualization — 


(i) Execution Virtualization — Execution virtualization incorporates 
all those techniques whose objective is to emulate an execution environment 
that is separate from the one hosting the virtualization layer. All these techniques 
focus their interest on giving support for the programs execution. The programs 
may be an application, the operating system, or a binary specification of a 
program compiled against an abstract machine model. Thus, the implementation 
of execution virtualization can be done directly on top of the hardware, by an 
application, the operating system, or libraries statically or dynamically linked 
against an application image. Execution Virtualization techniques are divided 
into two major categories depending on the type of host they need. The 
implementation of process level techniques are done on top of an existing 
operating system, which has full control of the hardware. The implementation 
of system level techniques are done directly on hardware and do not need an 
existing operating system. l 

(ii) Storage Virtualization — A system administration practice hat 
mas decoupling the physical organization of the hardware from its bga 
Tepresentation is called storage virtualization. Users do not have to be though 


——— —————— n — 


ü 
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about the particular location of their data by employing this technique, 
particular location of data is recognized through a logical path, Sto 
virtualization enables harnessing a variety of'storage facilities and l'epreseni 
them under a single logical file system. We can divide the storage Vittualizgs 
into different techniques. Among them, the most popular is network. p, 
virtualization by means of Storage Area Networks (SANs). A network accessi 
device is used by storage area networks using a large bandwidth conneetig, 
to offer storage facilities. n 
(iii) Network Virtualization — For the creation and management of 
virtual network, network virtualization combines hardware appliances a 
specific software. Different physical networks can be aggregated into a singh 
logical network (external network virtualization) by network Virtualization, To 
an operating system partition (internal network virtualization), Network 
Virtualization offer network like functionality. Generally, the outcome of externi 
network virtualization is Virtual LAN (VLAN). An aggregation of hosts that 
communicate with each other if they were located under the same broadcasting 
domain is a VLAN. Internal network virtualization is applied together with the 
hardware and operating system level virtualization where the guests achieve 
virtual network interface to communicate with. The implementation of internal 
network virtualization are done in several ways — the guest can contain a 
private network only with the guest; the guest can share the same network 
interface of the host and use NAT to access the network; or the virtual machine 
manager can emulate, and install on the host, an additional network device 
together with the driver. 


(iv) Desktop Virtualization — The desktop environment available on 
a personal computer is abstracted by desktop virtualization in order to give 
access to it by employing a client-server approach. Desktop virtualization 
makes accessible a different system, but this system is remotely stored ona 
different host and accessed using a network connection. Apart from this, 
desktop virtualization deals with the situation of making the same desktop 
environment accessible from everywhere. However, the term desktop 
virtualization means the ability to remotely access a desktop environment. In 
general, the desktop environment is stored in a data center or a remote server 
that offers a high availability infrastructure, and guarantees the accessibility 
and the persistence of the data. There are several benefits of desktop 
virtualization — accessibility, persistence, high availability and ease of 
management. 


(v) Application-server Virtualization — A collection of application 
servers is abstracted by application-server virtualization. These application 
servers offer the similar services like a single virtual application server by 
employing load balancing strategies and offering 2 high avail^ility infrastructure 
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ysted in the application server, This iS a speci 


PLI '8 he i fic t 
NT serv ind gerves the same purpose of storage virtualization, ype of 
0 "IU 
Pali vin is tlie need of storage virtualization ? Discuss the Ways in 
which it Ns ine virtualization needed for — 
Ans: A Efficient storage utilization 
ui c 


ij) Fast and reliable storage 
ja Provides flexibility. 

(iii e ways in which storage virtualization structured — 
Ther 


an ji) Storage Device-based Virtualization — It is the other way of 
. (n In this way virtualization is performed on hardware level. It 
virtualization. apability of RAID controllers. It manages meta-data by creating 
leverages the d space through the use of large number of physical device 
a 4 Loin s. Advanced RAID controllers permit further storage devices 
drivers re i 


ttached as-well-as features like cloning and remote replication. 
ones ii) Network-based Virtualization — It is performed on network 
; E Network device resides between the host and storage gives 
jar um es of input output redirection, vitalizing input output requests and 
i Ded physical and logical space. Many storage device look like 
Fally connected to the operating system. Storage and virtualization device 
are known as storage area network. 


map 
physi 
and this network of hosts 


,22. Write in brief about block and file level storage virtualization. 
oll i [R.GP.V, Dec. 2015 (BE)] 
Or 


Write the difference between block and file level storage virtualization. 
j e [R.GP.V., Dec. 2014 (BE), June 2015 (BE)] 


Ans. Block Level Storage Virtualization — Block level storage 
virtualization is illustrated in fig. 2.6. It offers a translation layer between the 
hosts and the storage arrays in the storage area network (SAN). Here, 
the hosts are directed to the virtualized logical unit numbers (LUNs) on 
he virtualization device. The translation between the virtual LUNs and the 
physical LUNs on the individual arrays is carried out by the virtualization 
device, This makes easy the use of arrays from_several vendors at a ums 
Without any interoperability issues. All the arrays seem as a single target device 
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and LUNs can be partitioned or distributed across multiple arrays fo 


. . . ra 

Block level storage virtualization combines heterogeneous Storage Ms 
increases storage volume online, allows transparent volume access, and resol A 
application growth requirements. q 


Virtualization Applied 
at SAN Level 


O——1 


Heterogeneous Storage Arrays 
Fig. 2.6 Block Level Storage Virtualization 


LUN migration from one array to some other array was an offline event 
in traditional SAN environments since the hosts required to be updated to 
reflect the new array configuration. In other cases, host CPU cycles wer 
needed to migrate data from one array to the other, particularly in a multi- 
vendor environment. In case of block level virtualization solution, the 
virtualization engine manages the back-end migration of data that allows LUNs 
to remain online and accessible during data migration. Since the host still 
points to the same virtual targets on the virtualization device, no physical 
changes are needed. Although, there should be a change in the mappings on 


the virtualization device. These changes are transparent to the end user and 


can be executed dynamically. In a virtualized environment, deploying 


heterogeneous arrays makes easy an information lifecycle management (ILM) 
strategy, enabling considerable cost and resource optimization. 


File Level Storage Virtualization — A network attached storage (NAS) 
environment before and after the implementation of file level virtualization 
shown in fig. 2.7. File level virtualization offers opportunities to perform 
nondistruptive file migrations, and server consolidation and to optimize 
utilization. It meets the NAS challenges by alleviating the dependencies betwee? 
the location where the files are physically stored and the data accessed at thé 
file level. Each NAS device or file server is logically and physically independet! 
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of its file level 
blems result due 
Tmance reasons or 
les from one server 
nent and this needs 
plications have to be 
storage administrators 
ng the required service 


lization. Each host knows exactly the location 
virtud tilized storage resources and Capacity pro 
wit os Unt a les to a certain file server. Due to perfo 
yndation r fills up, it is necessary to migrate the fj 


e 
file nee easy to move file across the environ 
It is 


p DO 


the file servers. In addition, hosts and ap 
: ith the new path, making it complex for 
pd efficiency at the time of maintaini 


File 


F 
R 


Environment 


(a) Before File Level Virtualization 


Virtualization Clients 
Appliance 


Clients 


ill 


Storage Arrays 


(b) After File Level Virtualization 

Fig. 2.7 NAS Device 

Ora s mobility of file is facilitated by file level virtualization. It offers users 
p Independence from the stored file location. File level virtualization 
access f logical pool of storage, which allows users to use a logical path to 
Simplit 2 ` The movement of file systems across the online file servers n 
Clients = by file level Virtualization. It refers that when files are being ges 

^ access their files without causing problems. The files of clie 


70 Cloud Computing (VIII-Sem) ; ai Unit- 11 74 
. : ization — In thi : . 
can be read from the old location and written them back to the dif pesktop Hu PO i EUG enterprises haye 
location without realizing the change of physical location. Online moy À (i) ndreds of Po cae ; pda à desktop and/or one 
of files can be performed by multiple clients attached to multiple sen À not hu s and mobile phon : vici sed to connect to applications 
optimize utilization of their resources. The mapping of logical path Ofa et un yc aptior” nterprisc 5 data a ri ti aging regular system updates, such 
the physical path names can be done using a global namespace, lli ATL the atches Or virus de n lons IS a major system management 
) MA] pnt curity Wi tools, such as IBM’s Tivoli are used to automate this Process 
0.23. Explain the importance of memory virtualization, " i pnistiont® tributed network of users. Managing application roll-o ts 
R.GPV, Dec. S0P | pally dis ic asimi Meses aia 

[ dd dein 2017 (uc " Es i global > vironment is a similarly complex task, especially in the case 
Ans. There are several importance of memory Virtualization — ae such am applí cations such as most popular email clients and office 
(i) Memory virtualization helps in memory utilization throu elie ols, a5 well some transaction processing or business intelligence 

sharing of resources which are scarce and consolidating more virtual machi 0 : ducti tools, 
on a physical host and sharing of contents. picos Applic ation Streaming — In this approach, instead of running 
| (i) Memory virtualization lowers latency. (ii) Peal virtual machines, application streaming envisages 
| (iii) Memory virtualization gives faster access as compare to $3) F plications d virtual machine images centrally. An end point client, such as 
SAN. uu" i , | paintaining ° RA hypervisor that also downloads the virtual machine image 
(iv) Memory virtualization helps in sharing large amount of day , desktop» run and launches it on the end point client. In this manner the 
between applications of many server without redundancy and reduce Memon] fom the id of the end point is fully exploited, a VM image can be 
requirement. processing iene y and only incrementally updated when needed, and finally 
Ius (v) Memory virtualization helps to access more memory y cached for ef ai can be large, need not be centrally maintained but mounted 

compared to capacity of physical memory. ser oe i k as soon as the virtual machine boots. 
r $ EA rs . . . 2 oca 
(vi) Memory virtualization helps in reducing run time of input outpy from the — through Virtualization — Modern data centers are 
bound applications which consume more data, thus increases efficiency, b connected to the w orld outside via the internet and are thereby 
(vii) Memory virtualization helps in keeping some memory space fr| all necessa li A ous attacks and intrusion. A number of techniques have been 
before halting services as long as memory frees up. open to malic! 


Ans. Application virtualization is a method that describes softwar 
technologies that separate them from the underlying operating system on which 
they are executed. This applies to applications at all tiers, from servers t 
desktops. Generally, this is achieved using encapsulation. Encapsulating an 
isolating the application from the OS changes the way applications can instal 
and interact with the OS. This makes it possible for the application to k 
moved from one system to another, patched, and updated without interaction 
with other applications. Application virtualization also allows applications tol 
copied or backed up as a single file. A fully virtualized application is not install 
| in the traditional sense, although it still executes as though it were. Ti 
application is tricked at run time to believe that it is directly interfacing wil 
the original OS and the resources it manages. 


Q.25. Discuss about virtualization applications in enterprises. 


Ans. Some of the more compelling cases for using virtualization in lay 
enterprises are as follows — 


Q.24. Describe application virtualization.[R. GP. V., Dec. 2013 (MCA) 


developed to secure these systems, such as firewalls, proxy filters, tools 
- logging and monitoring system activity and intrusion detection systems. 
Each of these security solutions can be significantly enhanced using 


virtualization. 

(iv) Server Consolidation — The most common driver for 
virtulization in enterprise data centers has been to consolidate applications 
running on possibly tens of thousands of servers, each significantly 
underutilized on the average, onto a smaller number of more efficiently used 
resources, The motivation is both efficiency as well as reducing the complexity 
of managing the so-called ‘server sprawl.’ The ability to run multiple virtual 
machines on the same physical resources is also key to achieving the high 
utlizations in cloud data centers. 


deii: (v Automating Infrastructure Management — An pees 5 

nn at virtualization projects is to reduce data center managemen a 

that whi 4 people costs through greater automation. It is important to E É 

m Virtualization technology provides the ability to automate m 

complex ding designing and putting into place an automation strategy 
Xercise that needs to be planned. 


72 Cloud Computing (Vill-Sem) 
0.26. Enlist and explain some of the common pitfalls that ¢ 
virtualization. [R.GRV, Dec. 2013 (BE), June 2 


June 2017 (A 
Ans. Some of the pitfalls of virtualization are as follows — 


(i) Inefficiency and Degraded User Experience — So metimes 
is an inefficient use of host in virtualization. Some of the features of 


OMe ,, 


lhg 


f : the he, 
cannot be exposed by the abstraction layer and they become inaccessible | 


case of hardware virtualization, this could happen when for device drive 


the virtual machine can sometimes just provide a default graphic card whig 


maps only a subset of the features available in the host. Some of the 
of the underlying operating systems may become inaccessible unless 
libraries are used in case of programming level virtual machines. 


(ii) Security Holes and New Threats — New and unexpected fon 
of phishing has introduced due to virtualization. The capability of emulating, 
host in a complete transparent manner, has led the way to malicious progran 
which are designed to extract sensitive information from the guest. Malicioy 
programs can preload themselves before the operating system, and act as; 
thin virtual machine manager towards it in case of hardware virtualization 
Then, the operating system is controlled, and can be manipulated in order y 
extract sensitive information of interest for third parties. BluePill and SubVq 
are the examples of these kind of malware. The diffusion of such kind y 
malware is facilitated by the fact that originally, hardware and CPU were ng 
manufactured by keeping the virtualization in mind. The same consideration 
can be made for programming level virtual machines modified versions of th 
runtime environment can access sensitive information, or monitor the memor 
locations utilized by guest applications while these are executed. In order t 
make this possible, the original version of the runtime environment needs tok 
replaced by the modified one, and this can generally happen if the malwarei 
run within an administrative context, or a security hole of the host operatin 
system is exploited. 


f eatur 
Specif, 


(iii) Performance Degradation — Increased latencies and delays cit 
be experienced by the guest because virtualization interposes an abstractiot 
layer between the guest and the host. For instance, in case of hardwat 
virtualization, where the intermediate emulates a bare machine on top of whid 
an entire system can be installed, the causes of performance degradation c? 
be traced back by the overhead. Also, when hardware virtualization is realiz 
through a program that is installed or executed on top of the host operatif 
systems, a major source of performance degradation is represented by th 
fact that the virtual machine manager is executed and scheduled together wil 
other applications, thus sharing with them the resources of the host. 


015 (by 
Ic, 
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‘on can be made in case of virtualization technologies 
ar cons s in the casc of programming language virtual Mie ea 
anaged applications is slow down due to binary translation 
Moreover, being their execution filtered by the runtime 
to memory and other physical resources can represent 


ments ^c manc degradation. 
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7, What is multi-tenancy ? ENDRI _ 
0.27. “tenancy means sharing the application software between 
ps have different needs. Allocating single instance of an 
multiple ftware i.e., cloud to multiple users is called as multi-tenancy. 
ih s tenant. The users who need similar type of resources 
stance of cloud, so that the cost is shared between the 
ke the access of instance of cloud computing cost effective. Multi- 
e ws users to easily access, maintain, configure and manipulate the 
E single database running on the same operating system. The data 
storage mechanism remains same for all users who share the similar hardware 
and software resources. In multitenant architecture, user cannot share or see 
each other’s data, here the security and 
privacy is provided. 
The main requirement of multi- 
tenancy is that the software provider 
gets many requests from customers 
with the customized needs. If a 
software product is implemented 
according to each customer needs 
separately and delivered, then the 
implementation takes more time to 
complete, The software cannot be 
maintained easily if there are different 
implementations of the product. The 
apne needs to spend more money 
ie, different customers. Here 
Provide si comes into existence to 
p $ ood for all the problems 
customer with pel to satisfy different 
crent needs. Multi- 


gre allo 
ysers to 
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data store 
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Fig. 2.8 Multi-tenancy 
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tenancy allows single software to be served between the multiple custo 
by using customized settings option. The needs of each customer are es 
in custom settings. The software provider serves the same Product 
implementing it seeing the customized requirements of each customer b 
makes it available only to the specific customer respectively, The tenant, ty 
share the software product cannot see each other’s implementation Wh 
There is no contact between each customer's sharing the same SO 


: . fiware, 
software provider be in contact with multiple customers to Satisfy them ' 


0.28. Discuss about the multi-entity support. 


Ans. Multi-tenancy is a way of trying to achieve an economic gain; 
cloud computing by utilizing virtualization and resource sharing. Multi-tengy, 
implies different meaning from different points of view and Services, Mea, 
that, 

To perform any type of services like IaaS, SaaS and Paas in 
cloud and private clouds the key technique is multi-tenancy. If the peop, 
discuss about the clouds they may speak about the IaaS services Boj 
cloud architectures like private and public clouds go beyond the Speci 
features like virtualization and the concept of IT-as-a-Service throug 
payments or billing back in the event of private clouds based on meter: 
usage. An laaS service has advanced features such as service level agreemen 
(SLAs), identity and access management for security access (IDAM), fay 
tolerance, disaster recovery, dynamic resource allocation and many oth 
important properties. By injecting all these key services at the level t 
infrastructure, the clouds become multitenant to a degree. In the case (| 
laaS multi-tenancy go beyond the layer to merge the PaaS layer and ati 
end SaaS layer or application layer. laaS layer contains servers, storages ay 
networking components, PaaS layer consists of platform for application 
like Java virtual machines like Java compilers, application servers and Sa 


layer consists of applications like business logic, work flow, data bases an 
user interfaces. 


pub; 


The tenants can like the full stream of services that are commonly us 
from the cloud services, from the hardware infrastructure and going all à 
way up to the user interface based on the degree of multi-tenancy offered b 
the cloud. Cloud computing multi-tenancy is used for most if not all softwar 
as a service (SaaS) applications, because compute resources are scalable at 
allocation of these resources is defined by actual usage. There are differt 
types of SaaS services that the clients can access by using internet, from la 


v 
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pasically two type of multi-tenancy techniques as follows — 

i qual Multi-tenancy - In this computin 
ie multiple users. Multiple tenants a 


cute concurrently on top of the same 


B and storage resources 
T€ Served from virtual 
Computing and storage 


ic Multi-tenancy — In organic multi-t 
(ii) organic d software resources in th I. Ws. 
„ie, hardware an SO €s in the system architecture 


s a service provides a software model to deliver software 


provide a 


antage of mu i 
Mu software resources among the different tenants are shared, 
har walt, 


“aeng the maintenance and management effort. All of these advantages 

simplifying cy result in reducing the application costs to provide maximum 
a sali and medium organizations. Multi-tenancy service 
n for cloud services providers are tenant data isolation, tenant 
ae isolation, isolation of tenant execution, tenant-aware security, 
monitoring, management, reporting and self-service administration, isolation 
of tenant customizations and extensions to business logic, tenant-aware 
version control, tenant-aware error tracking and recovery. The degree of 
multi-tenancy of an application is defined as the amount of base application 
ora SaaS layer is developed to be shared amount tenants. The highest degree 
of multi-tenancy allows the database schema to be shared and supports 
customization of the business logic, workflow and user-interface layers, 
private clouds are available at the lowest degree of multi-tenancy and are 
more suited for specific large enterprise customers. 


0.29. Discuss about the applications of multi-tenancy. 


Ans. In multi-tenant applications, data and workload can be easily 
Partitioned, We can partition data and workload along tenant boundaries 
because Most requests occur within the confines of tenant. These Saas 
"i ications deliver a specialized software application as a service to their 
m i enants can access the application service and have full iex 
the Sh data stored as part of the application. But to take advantage is 
data, Th is of SaaS, tenants must surrender some control over their o n 

CY trust the SaaS service provider to keep their data safe and isolate 
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from other tenants” data. Examples of this kind of multi-tenant Saas applic.. 
are MYOB, SnelStart and Salesforce.com. Each of these Applications 2 

partitioned along tenant boundaries. Applications that provide a directs ah 
to customers or to employees within an organization (often refer 
users, rather than tenants) are another category on the multi-tenant apption à 
spectrum. Customers subscribe to the service and do not own the das d 
the service provider collects and stores. Service providers have Jess strin th 
requirements to keep their customers’ data isolated from each other "e 
government-mandated privacy regulations. Example of this kind of custom 
facing multi-tenant application are media content providers like Neth, 
Spotify, and XboX LIVE. Other examples of easily partitionable applicat, 
are customer-facing, Internet-scale applications, or Internet of Things m 
applications in which each customer or device can serve as a patito 
Partition boundaries can separate users and devices. All applications canny 


be partitioned along a single property such as tenant, customer, use, o 
device. 
0.30. What are the benefits of multi-tenancy ? 
Ans. The benefits of multi-tenancy are as follows — 


(i) Worry Free Capacity — Multi-tenancy provides companies ofi] 
sizes the ability to reside in the same infrastructure and data centre. 


(ii) Lower Cost of Ownership — Because all users access thi 
services from the same technology platform it is much easier to access automati 
and frequent updates. No longer need to pay for report customizations orti 
add new functionalities. 

(iii) API Integration Scalability — The integration of Web API i 
available in single-instances, but in the multi-tenancy environment, specifi 
requests for integrations will now go into our product roadmap, and as thej 
become available, they'll be rolled out to all customers. 

(iv) Configurable to your Own Needs — This capability provide 
our customers with the ability to meet their requirements and communicatio 
styles to manage all IT and communication expenses. 

(v) Access to the Latest Releases — Earlier rolling out a new updst 
was a lengthy process because we had to code the change separately for esd 
client instance to ensure that it was compatible with their customizatios 
perform QA, and then put the change into production. With more than 10 
customers, it was a time-consuming task. But, now with multi-ten® 
environment, every customer's instance has the same base code, the roll? 
of new releases is seamless and provide faster access to innovative features? 
manage IT and communication expenses. 
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imization — Database administ 
acity Optimi : Strators need th 
Cap i understand which tenant should be deployed Pres 


polen maximize capacity and reduce costs, 


iscuss about the multi schema approach. 
s towards building a multi-tenant database can be 
rized as fine-grained and coarse grained depending on the degree 
volved. There are three data storage strategies defined 
features. These are shown in fig. 2.9. 
Shared 


broadly categorize 
i n 

f multi-tenancy ! 

Vest isolated and shared 


Data Isolated 


Tenant Tenant Tenant Tenant Tenant Tenant Tenant Tenant 


Tenant 


| 
T 1 


(9) Separate Application, (b) Shared Application, (c) Shared Application, 
Separate Database Separate Database Shared Database 


Fig. 2.9 Data Storage Strategies 
this mo FA Separate Application, Separate Database m é oe 
complete] every user has its own software and database. ak 
Much ti Y Isolated from each other. Maintenance and update cos 
me and system resources are not used efficiently in this model. 


3 
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7u Cloud Computing (VIII-Sem) tation is partly easier and can be Canty iba 
vily shaped ost 
disadvantage 1$ that a large number Of tables - be 


(li) Shared Application, Separate Database Ifig, 2.9 (y my 
model all tenants are using the same and only one software. Also, afj hy 
have their own physically separated databases. Special methods are u Uie, 
that software can be individually customized for each tenant accord 
the tenant's wishes. "t. 

(iii) Shared Application, Shared Database [fig. 2,9 (c)] - 
model tenants use a common software. Also, this model is divided into 
models. These are shared database-separate schema and shared dus" 
shared schema. These are shown in fig. 2.10. w 


Tenant Tenant Tenant 


Tenant Tenant Tenant 


e 


Fig. 2.11 Separate Schema i 


(b) Shared Database, Shared Schema - Ín this approach, 
sere is a common database and common schema for all tenants. This model 
provides the least use and maintenance cost in terms of the most efficient use 
of hardware. The disadvantage is that all tenants are in the same schema. 


<e m 


Database 


Separate Schema 


Shared Application 


Shared Database Tenant Tenant Tenant 


Ir 


Fig. 2.12 Shared Schema 


0.33. Write short note on degree of multi-tenancy. 

Ans. The degree of multi-tenancy is based on how much of a core i 
‘pplication or SaaS, layer is designed to be shares across tenants. The highest $ 
degree of multi-tenancy allows the database schema to be shared and supports f 
“stomization of the business logic, workflow and user-interface layers. In 
other words, all the sub-layers of SaaS offer multi-tenancy in this degree. The j 
low tructure and platform — — 


k 4 
e k {f 


Shared Schema 
Fig. 2.10. Separate Schema, Shared Schema 


(a) Shared Database, Separate Schema — In this approach, 
each tenant has its own separate database tables on the common database. 
Example is shown in fig. 2.11. As separate schemes are created for each 
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fij Lowest Degree — YaaS and PaaS arc multi-tenant, While Sut 
single tenant. d 
(ij Middle Degree — \aaS and PaaS arc multi-tenant, Small e. 

clusters ere multi-tenant. E 
(iii) Highest Degree — laaS and PaaS arc multi-tenant, Saag is fis 
multi-tenant also. 4j 
The higher the degree of multi-tenancy (meaning the more r 
provider's infrastructure and resources are shared), the lower the 


Clow 
Costs fo 
customers, 4 


0.34. Explain the multi-tenancy architecture ín managing data, 


Ans. Multi-enancy is the defining characteristics of cloud computin 
The shzred infrastructure changes the underlying economies of enterpri 
applications, allowing vendors to maintain a single instance for thousands of 
customers. In multi-tenancy cloud environment, multiple users using the same 
infrastructure can access and use an application. The application design muy 
therefore distinguish between users to ensure that they do not share each 
other's data. There are three different methods for achieving multi-tenancy 
which are — using a database, using virtualization and through physical 
separation. [n the case of SaaS, multi-tenancy is achieved via database anj 
configuration with isolation provided at the application layer. So at the application 
layer, service providers must design and implement a specific class and then 
create an object of the class in a manner that satisfies the need of multiple 
users in an effective way. Designing SaaS application in this way will solve 
many issues such as the need for data security, data separation and customized 
applications, Virtualization is another technology for achieving multi-tenancy 
especially for laaS. Virtualization allows multiple copies of operations systems 
(VMs)run within a PM. These multiple VMs can then share the same physical 
hardware resources on the PM such as network card, disk storage. Though 
virtualization based multi-tenancy reduces costs and expenses, but compared 
to multi-tenancy using database technology, it is more costly. 

Multi-tenancy can also be achieved through a dedicated technology that 
provides resources to tenants individually. This is known as multi-tenancy vi 
physical separation. This option is by far the most expensive. Though CSPs 
offer this as an optional configuration to special customers, who want to Ust 


the cloud service but do not want to share hardware resources with other 
customers. 


Unit - jj 21 


aches to managing multi-tenant data in the cru 

separate databases, which is the Cloud are .. (i) 

(ii) housing multiple tenant on the same database, with i 
: <h 

Specifically 

the om tenants data. 

í for representing muhi 
ral architecture -tenancy for effecti, 
The Bo shown in fig. 2.13. € cloud 


Application Layer (SaaS) 


Get 
Instance 


Read Tenant 3 


Read Tenant 1 


Read Tenant 2 


Tenant2 ]|Tenant3 


Tenant 1 


Shared of dB | Shared DB 
Separate 
Schema 


Separate 
Database 
(DB) 


Fig. 2.13 Architecture of Multi-tenancy 

The architecture employs customer integration in three layers, which are 
he application, the infrastructure and the data-centre layer. 

The infrastructure layer and application layer consumer integration levels 
E additions to the cloud computing model. This integration is used to 
ho the cost and need of developing highly scalable SaaS applications, which 

0 by compromising on security and customer segregation requirements. 
level of bi Data Centre Layer — This configuration provides the Male 
curity requirements if implemented correctly, with firewalls an 
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access controls to meet business requirements as well as defined es restore services 15 fet easy and equal distribution of load can 
access to the physical location of the infrastructure Providing the $a PT ne complete multi-tenant model is shown in fees A not 
Mostly data centre layer multi-tenancy acts as a service provider that ag 9 sred: i 
cages to companies that host their hardware, network, and sofiwa Ten, 


VAS re in h 
same building. be 


(ii) Infrastructure Layer — |n infrastructure layer multi-tena 


. . Ncy th, Customer 1 Customer 
software stacks are provided. Each customer or tenant is provided wil yn MES | 
: : ; ulti- 
` icated software stack. This configuration saves costs compa i j lication Application 
dedi pared to day App 


centre-layer multi-tenancy, because stacks are deployed based ish 
customer accounts. 

| The high availability of hardware and software resources can be seen 
this layer. In this case, you can grow hardware requirements based On act 
service use. 


actua 


Database 


Malti-tenant — - > i 
Infrastructure © g 1 


Cast! Cust2 


in 
Ua] 


Multi-tenant 
Molti-tenant Database 


Infrastructure 
(iii) Application Layer — Application-layer multi-tenancy Tequirs 
architectural implementations at both the software layer and the infrastructy, 


| 
layer. Modifications are required for the existing software architecture, including (a) Complete Multi-tenant (b) Single Tenant Database h i 
multi-tenant patterns in the application layer. For example, multi-tenan | Ri 
applications require application methods and database tables to access ar | " 
store data from different user accounts, which compromises on security, | Customer1 Customer 2 | 


done accurately, however, the benefit is cost savings. 


Application 


PERLES] 


While multi-tenancy, on cloud environments provides seemingly limitles 
scalability and an alternative to the expensive data centre infrastructure, i 
raises security and privacy issues because it hands the processing and storag 
task over to third parties. This requires building adequate security into ever 
aspect of the SaaS application, as well as for every IaaS virtual service. This 
involves using filtering which provides an intermediary layer between a tenan 
and data source. Another is permission which uses access control lists. Finall 
is encryption which obscures every tenant's critical data. 


ü , 


Multi-tenant Multi-tenant 
Infrastructure Database 


Q.35. Explain models for multi-tenant database. à = 
(c) Single Tenant Application i 


Fig. 2.14 Models for Multi-tenancy at Database | 


(ii) Single Tenant Database — This has a moderate degree of multi- 
Where application layer is commonly shared among all the tenants but | 


Not t . í 
M databases. The level of separation is determined by the tenant 
*cture, 


Ans. Based on approach used for data isolation and other parametts 


related to tenants, we can have one of the following three basic models 5 


shown in fig. 2.14, tena 
i | "nancy 
(i) Complete Multi-tenant — This has highest degree of muli 


tenancy by employing shared-everything approach. The inherent risk 
complexities of this model include requirement ofa very complex architectus 


high business risk as the data is shared between all tenants, providing customiz (2) Different Schemas within the Same Database - Where 


tach sch 
ema can contain the tables for the respective tenant. 


j 


a 
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(b) Different Databases within the Same Mach 
tenant gets a different database, This gives the flexibility to proy 
services like customized back-up and restore services, 


ine < M 
ide § - 
Pit 

(c) Different Databases Residing on Different M 

Independent machines are allocated for each tenant. This prov 
level of security from a data isolation/storage perspective, 


., Achin 
ides the lig 


` 


ty 


(iii) Single Tenant Application — This is the inverse of the 


4 M 
model. Here the database layer is kept common across all the sacle Vioy 


^ . 4 S but th 
application layer is isolated. This model is employed where certain operat o E 
; nf ; ; ‘ tig OUD — RELATIONAL DATAB 
like customization of interface (in the form of change in business logic, " ; ATAIN THE Gs AND HDFS, FEATURES A ies | CLOUD EIE. 


display, etc.) is to be performed over the application layer. The sin 


application model is shown in fig. 2.14 (c). HDFS, r LE, HBASE AND D 


e enan | AMONG GFS; | 


4 
< 


aot 


gl. How data is managed in the cloud ? Papin 
iT) Data is collected in the form of an organized structure called the 


which is the food of any information system. Data in huge amount is 
onent of the cloud infrastructure. Data can be shared among it 
s a result, data management in particular is a key aspect of 

storage in the cloud. Data in the cloud is distributed across multiple sites and 


the maj or comp 


may 
impo f : s 
In order to address these issues and many other important data issues, there is 
a need for a database management system for cloud data. The database f 
management system shows the mechanism of storage and retrieval of user 
data with maximum efficiency, taking into consideration the appropriate security 
policies. The database management system always provides data independence. 
No change is made to the storage mechanism and shapes without modifying ' 
theentire application. There are several types of database organization, relational 
database, flat database, object oriented database, hierarchical database. 

Structured data work with relational databases while non-relational 
databases work with semi-structured data. The non-relational database is known 
es This category of database has been steadily adopted in recent 
PA the emergence of big data applications, since the purpose of gea 
in dealin onal databases is to overcome the limitations of relational data "- | 
moving n big data demands. Big data refers to data that is gown : | 
technologies rapidly and is very diverse in the structure of tra : mA 
SQL) is that ^i deal with. The difference between relational data s ie 
rough keys e relational data model consists of a set of interconnecte i 

YS, while (No-SQL) is increasingly considered a viable alternati 
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86 Cloud Computing (VIII-Sem) te ponen gso servers. Relational cloud uses this informas: rkloads and 
, n — (i) partition each ; 0 periodi 
to relational databases, especially for big data applications. There are sey ion pest WAY to ae iat pres Into one or Tore pi lly 
database management systems in the computed cloud that provide a Stl | p "T. u tiple partitions ee tabase exceeds the capaci 
and analysis for both relational (SQL) and non-relational (No-SQL), Bue WIL "ine (ii) place f nine i ra d back-end machines b 
SQL big data systems are designed to take advantage of new cloud Comput > fg mar ethe number o! m dete "s oad, migrate the partitions > 
es, which makes big operational data much casier to manap I | ss" uim" ing downtime, plicate the data for availability (i... 35 
SHRISRIPES MUNCIE DEG EC cheap, | ph out caus ies so that they can ru T (li) Secure 
d faster to implement. QVI ogs the queries n on untrusted back 
and faster to implen gi and proce lational cloud system architecture is sh -ends over 
. n . . dati a [C own & 
Q.2. Explain the relational cloud architecture. M 7 ied in TA unciis and demaicafes the fristeg in in fe 31 
eO IR (S N ^v( aoti ra : nt usted Bons, 
Ans. The cloud database is constructed by collecting a number Of sites “yc depicts hia is 


The sites are also called as nodes which are interlinked by a communicatio 
network. Every single node is a database class. Each database class has i 
own database, terminals, the central processor and their individual loca] database 
management system. 

A relational database management system (RDBMS) is a software package 
with computer programs that controls the creation, maintenance, and use ofa 
database. It allows the organizations to conveniently develop databases fo, 
various applications. A database is an integrated collection of data Tecords, 
files and other objects. A DBMS allows different user application programs to 

p concurrently access the same database. DBMSs may use a variety of database 
models, such as the relational model or object model to conveniently describe 
and support applications. 

Relational cloud uses existing unmodified DBMS engines as the back-end 
query processing and storage nodes. Each back-end node runs a single database 
server. The set of back-end machines can change dynamically in response to 
load. Each tenant of the system which we define as a billable entity (a distinct 
user with a set of applications, a business unit, or a company) can load one or 
more databases. A database has one or more tables, and an associated workload, 
defined as the set of queries and transactions issued to it (the set may not be 
known until run-time). Relational cloud does not mix the data of two different 
tenants into a common database or table, but databases belonging to different 
tenant's will usually run within the same database server. 

Applications communicate with relational cloud using a standard 
connectivity layer such as JDBC. They communicate with the relational cloud 
front-end using a special driver that ensures their data is kept private (e.g. 
cannot be read by the database administrator), When the front-end receives 
SQL statements from clients, it consults the router, which analyzes each SQL 
statement and uses its metadata to determine the execution nodes and plan. 
The front-end coordinates multi-node transactions, produces a distributed 
execution plan, and handles fail-over. It also provides a degree of performance 
isolation by controlling the rate at which queries from different tenants are 
dispatched. 
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Fig. 3.1 Relational Cloud Architecture 


0.3. Explain the architecture of cloud file systems (GFS, HDFS). 
[R.GP.V., June 2017 (MCA)] 
dns. Architecture of GFS — A GFS cluster consists of a single master 
gen chunk servers and is accessed by multiple clients, as shown in 

Ig. 32. 

es of these is typically a commodity Linux machine running a P 
inte h, i. Files are divided into fixed-size chunks. Each n 
Ruster at thee Ixed and globally unique 64-bit chunk handle assigned die 
tsas Liny p1 Of chunk creation. Chunk servers store chunks on loca! 
nux files. For reliability, each chunk is replicated on multiple chunk 
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servers. By default, there will three replicas and this value 


ds á Can be ch 
user, The master maintains all file system metadata, This ing 


namespace, access control information, the mapping from files t 
and the current locations of chunks. It also controls System-w 
such as chunk lease management, garbage collection of orphaned 
and chunk migration between chunk servers. The master peri 


9 
Ide ac 


(File Name, 
Chunk Index) 


Instructions to Chunkserver 


(Chunk Handle, 


Byte Range) Chunkserver State 


Chunk Data 
Legend - 


wu) Data Messages 
—+ Control Messages 


Fig. 3.2 GFS Architecture 


GFS client code linked into each application implements the file system 
API and communicates with the master and chunk servers to read or write 
data on behalf of the application. Clients interact with the master for metadata 
operations, but all data-bearing communication goes directly to the chunk 
servers. 


Architecture of HDFS — HDFS is the master/slave structure, The 
Namenode is the master node, while the Datanode is the slave node. 
Documents are stored as data blocks in the Datanode. The default size of 
data block is 64M and it cannot be changed. If the files are less than a block 
data size, HDFS will not take up the whole block storage space. The 
Namenode and the Datanode normally run as Java programs in the Linux 
operating system. 

The Namenode which is the manager of the HDFS is responsible for the 
management of the namespace in the file system. It will put all the folders and 
files metadata into a file system tree which maintains all the metadata of the 
files directories. At the same time, Namenode also saves the corresponding 
relations between each file and the location of the data block. Datanode is thé 
place to store the real data in the system. However, all the data is not stored 0n 


Unit . jy 
|. s but wil | be collected when the system starts to fing 89 
pard dn. the required documents. the resource 
e 
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Fig. 3.3 HDFS Architecture 


ondary Namenode is a backup node for the Namenode. If there 
one Namenode in the Hadoop cluster environment, the Namenode will 
ously become the weakest point of the process in the HDFS. Once the 

us Namenode occurs, it will affect the whole operation of the system. 
eason why Hadoop designed the Secondary Namenode as the 
slemative backup. The Secondary Namenode usually runs on a separate physical 
computer and keeps communication at certain time interval to keep the snapshot 
ofthe file system metadata with the Namenode so that it can recovery the data 
immediately in case some error happens. 

The Datanode is the place where the real data is saved and handles most 
of the fault-tolerant mechanism. The files in HDFS are usually divided into 
multiple data blocks stored in the form of redundancy backup in the Datanode. 
The Datanode reports the data storage lists to the Namenode regularly so that 
the user can obtain the data by directly access to the Datanode. 

The client is the HDFS user. It can read and write the data though calling 
lhe API provided by HDFS. While in the read and write process, the client first 
reeds to obtain the metadata information from the Namenode, and then the 
lient can perform the corresponding read and write operations. 


The Sec 


04. Write about the Google file system ? 
die File System (GFS) was designed and implemented in 
dip and is considered a vital part of the GAE. GFS is a file system 
liibuted, support searching and web crawling. GFS is a proprietary 
Yplicatio file system developed by Google keeping in mind their zn 
toleran n workloads and technological environment designed to be m 
0n inexpensive commodity hardware serving a large number 0 
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can create new file, append content to the 


90 Cloud Computing (VIII-Sem) jn HDF: nen and modify file attributes, In comparison t end of file, 
clients, Google uses this as the storage platform for the data 8enerati, "n or ena in g data, Hadoop's storage can be scalable ata iiie a 
and processing used by their services as well as research efforts that equin ji hod of ia op uses commodity hardware. W Cost 
large data sets. This set-up includes data of the order of hundreds " M gus Ha . mposed of clusters. And cluster have Master nod 
terabytes stored over thousands of disks covered by thousands of Machine, be padooP 15 ai e fig. 3.4. Master node is also known as name de = 
GFS is probably the largest file system in the world that is in Operation, l n. show? p slave nodes. R node which 
is highly efficient and scalable. Google has reported that the number g | 7 jgns jobs t° :obs to the slave 
users using Google has grown significantly over time, and sometimes at ass ide gssignine J manages the 
! rapid rate. , master ens All the 
n na : 
Q.5. What are the features of Google file system ? (ie syste store in the form o f 


[R.GE.V.,, May 2019 (MCA |. getails ? image and edit log. ^ Master 


MN s e1 
Ans. Google file system (GFS) is a distributed file system built for large LM o onlyone master node, Node 
distributed data intensive applications like gmail etc. Originally, it was built t custere ay have mu Itiple slave 
store data generated by its large crawling and indexing system. The files pane function of slave nodes 
nodes. :n the form of blocks 


generated by this system were usually huge. Maintaining and managing such 

| huge files and data processing demands was a challenge with the existing fil 
systems. The main objective ofthe designers was building a highly fault tolerant 
system while running inexpensive hardware. é 
The features of Google file system are as follows — 

(i) Fault tolerance. 

(ii) Critical data replication. 

(iii) Automatic and efficient data recovery. 

(iv) High aggregate throughput. 

(v) Reduced client and master interaction because of large chunk 


Fig. 3.4 Hadoop Cluster Node 


and 

mast ee eee 
the HDES is a distributed system which is suitable for running on the 
ommodity hardware. There are many common characteristics in the existing 
distributed systems but the differences between them are also obvious. HDFS 
isa high fault-tolerant system and relaxed the parts of the POSIX constraints 


i provide high throughput access to the data so that it can be suitable to 


applying on the big data. 

0.7. What are the features of HDFS ? List out the characteristics of 
HDFS. 

Ans. The Features of HDFS — HDFS is not a general-purpose file system, 
as it only executes specific types of applications, it does not need all the 
requirements of a general distributed file system. For example, security has 
‘ever been supported for HDFS systems. 

Characteristics — The characteristics of HDFS are as follows - 

(t) HDFS fault tolerance 
(i). Block replication 
(t) Relica placement 
ro Heartbeat and block report messages 
) HDFS high throughput access to large dataset. 


0.4. Gi > 
y i 4 comparison between GFS and HDFS. 
© Comparison between GFS and HDFS is shown in table 3.1. 


server size. 
(vi) Name space management and locking. 
(vii) High accessibility. 
The largest GFS clusters have more than 1000 nodes with 300 TB disk 
storage capacity. 


Q.6. Discuss in detail about Hadoop Distributed File System (HDFS). 
(R.GP.V., May 2019) 


Ans. HDFS also known as Hadoop Distributed File System is one the 

Hadoop components which handles the storage of big data. When users need 

to add more storage in the system, then they can easily increase the storage 

capacity by adding servers. HDFS consist of number of clusters depending 

upon the user configurations. The cluster consists of Master and Slave nodes. 

The data in the Hadoop cluster are broken into many small blocks which af 

128 MB sizes by default. These blocks are stored in the different slaves" nodes 

| in the Hadoop clusters. These blocks are highly scalable and can be increased 


| when needed. 
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92 Cloud Computing (VIII-Sem) - diverse demands placed on the system diia 
4n ihe y Ju resource locator) sha (o satellite imager, © Rating 

Diis ff (7 (unl rs distributed, persistent mult-dimensione| y 
csign goals stores a hug Provide pow of distribution in database load balancing nto tablets 


y a 
Yes MT un and havc à maximum size of 64 KB, and m row keys 
arary 8 7^ rhe row key range partitioning can be iiu 


te atomic. , + ae 
J "Td 4 clíent design to limit the communication caused by 


high aggregate data 
bandwidth and it has 
scale to hundrads of 1 


ber of files, totaling 
many terabytes of data. 


e notes ina single cluster n Pit 
: is We aid more fop Hol q small amount of machines in the cluster. 
atch processing ratha) | 6 series Y file system (GFS) as a sto 


than interactive use by 
users. 


Name node and data 


nt distributed file system, which works with b 
P JA standards ). To achieve reliability and availability, file oe Es 
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Database files ($9) therefore it ca 
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tis architecture significantly simplifies system's design. 


0.10. Explain the architecture of bigtable. 

Ans. Bigtable has three main components, one master server, several 
wlt servers and clients. Depending on the workload tablet servers are added 
edremoved from a cluster dynamically. Master server is in charge of assigning 
wlets to tablet servers, balancing tablet server load, garbage collection and 1 
“ction, addition and expiration of tablet servers. Besides that it manages | 
anges in the schema (ex. table and column family creation). Every tablet 
Mesi several tablets (between ten to thousand tablets per tablet | 
Eh : : server splits tablets that have grown too big and manages write 

ane ests for loaded tablets. 

Mem 3 : : acl distributed storage system. In order for clients ' 

t and most of ET they have to communicate directly with tablet 

liable clients do € clients never communicate with the master because 

Tetefore, the eei not obtain tablet location information from the master. 
ity Is that the master is not loaded most of the time. 


like capabilities on top 
of Hadoop core, 


HDFS security is based 
on the POSIX model o 
users and groups, 


Google has dozens of 
datacenter for redun- 
dancy. These datacen- 
ters are in undisclosed 
locations and most are 
unmarked for protection. 


TCP connections are 
used for communication. 
Pipelining is used for 
data transfer over TCP 
connections. 


Security 


toa ARM = 


RPC based protocol on 


Communication 
top of TCP/IP. 


| Q.9. What is bigtable ? Describe the main features of bigtable. 

Ans. Bigtable is Google's proprietary distributed database managemen 
architecture designed for managing structured data while providing high 
scalability and performance. Many of Google’s own services, such as Googl: 
Earth, Google Analytics, Orkut, and web indexing, utilize bigtable as the 
underlying data storage. Bigtable is also designed with flexibility in mind 0 
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Ans. Bigtable is Google's proprietary distributed database manageme 
architecture designed for managing structured data while providing high 
scalability and performance. Many of Google’s own services, such as Googl 
Earth, Google Analytics, Orkut, and web indexing, utilize bigtable as the 
underlying data storage. Bigtable is also designed with flexibility in mind © 
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ae Pil sorted map. The map is indexed by a row key, column | 


nd a timestamp, and ordered by a Ey key. Client applications can access 
lia either by row key or by range of row keys. 


(ii) Strong Consistency — Bigtable stores data in GFS as immutable 


fies (SSTables) and does not replicate data in bigtable level (as opposed to the 
(FS), therefore it can be considered as strongly consistent. 


(iii) Single-master — Bigtable, as well as GFS, is designed with a 


centralized approach — a single master node maintains all system metadata. 
This architecture significantly simplifies system's design. 


0.10. Explain the architecture of bigtable. 


Ans. Bigtable has three main components, one master server, several 


iiet servers and clients, Depending on the workload tablet servers are added 
M cR from a cluster dynamically. Master server is in charge of assigning 
E Een, balancing tablet server load, garbage collection and 
tangs FA ition and expiration of tablet servers. Besides that it manages 
“ver mana © schema (ex. table and column family creation). Every tablet 

855 several tablets (between ten to thousand tablets per tablet 
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‘nd tead Set server Splits tablets that have grown too big and manages write 
V requests fi 


or loaded tablets. 
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Nb, client. uo! the clients never communicate with the master because 
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age Cluster stores several 
es. Each table contains set of 
tablets and each tablet us 
A Sa = acus et stores all the data 
acie with a row range. In the 
*ginning, each table contains one 
tablet but with the growth of table it is 
split automatically into multiple tablets 
(default size is 100-200 MB for each). 
Other components ofa bigtable system 
are GFS (persistence layer), Google 
MapReduce (for sorting tasks), 
Chubby (Meta data, configuration, 
distributed locking). 

A bigtable cluster generally runs 
on a shared machine pool, often 
overlapping processes from other 
services, and is reliant of Google’s 


Google File System (GFS) 
Raw Stornge 
Stores Persistent State 


Lock Service Distributed 
Managements of Locks 


Google MapReduce 
for Data Processing Used to Read/Write 
Data 


Fig. 3.5 Architecture of Bigtable 


other technologies. Bigtable operates on Google file system (GFS) and uses j 
to store log and data files. The data is stored in SSTable file format that provide 
a “persistent, ordered immutable map from keys to values”, lookup operations 


for value retrieval by a key, and iterating over a range of key-value pairs, 
Resource locking is performed by Chubby, a “highly-available and 

persistent lock service” utilizing the Paxos algorithm. Chubby is used by bigtabl 
for following tasks — 

(i) Master server management ensuring there is only one masterat 
a time. 

(ii) Discovering and finalizing the death of tablet servers. 

(iii) Storing column family information (schema) for the bigtabl: 
instance. 

(iv) Storing access control lists, and 

(v) Storing bootstrap information location for bigtable data. 


Q.11. Describe the main components of bigtable. 
Ans. The three major components of bigtable are as follows — 


(i) The Master Server — This is the first of the major componens 
of the bigtable. The master server keeps track of the pool of available table 
servers and manages the server tablet machines by assigning tablets, handli 
column family schema alterations, detecting changes in the tablet server clust 
balancing load on the tablet server cluster, and handling garbage collection” 
the file system. The master server is not under a heavy load due to clie" 
communicating directly with the tablet servers thus not requiring data t0 pe 
through the master server. 
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ie also divides tablets growing too large into smaller dee 
5, 


Ponents, the 


nd directs requests to appropriate tablet Servers and 
an 


s back to the client application. 


and us 


omputing 
ure feature of 


erfectly. : 
i Architecture of Hbase — Hbase is the storage layer in the Hadoop. Its 


underlying storage support is HDFS, using the MapReduce framework to 
process the data, and cooperate with the ZooKeeper. The architecture of Hbase 


is shown in fig. 3.6. 
The four key components are as follows — 


(i) Hbase Client — The client is the user of the Hbase. It takes part 


inthe manage operations with HMaster and read/write operations with 
HRegionServer. 


(ii) ZooKeeper — ZooKeeper is the collaborative management node 
: ue It can provide distributed collaboration, distributed synchronization, 
configuration functions. The ZooKeeper coordinates all the clusters of 


Hb ; : s 
need using data which contains the HMaster address and HRegionServer 
tus information, 


"poni. pi Master — HMaster is the controller of the Hbase. It is 
HRegionServer 1 adding, deleting, and quering the data. It adjusts the 
"gion will Io» oad balance and the Region distribution to ensure that the 
LT € to the next Region when the HRegionServer suffers failure. 


me tj 
Me, th a 
lhe » Mere js ; : ae 
node failure always a Master Election mechanism working in case of 
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96 Cloud Computing (Vill-Sem) the comparison of RDBMS and Hbase, 
mnpariso” of RDBMS and Hbase is as follows — 
The co Table 3.2 


(iv) HRegionServer — WRegionServer is the core COMpone, Ü 
" i iti ] 
Hbase. It is responsible for handling the reading and writing request, i! Ans: 
users and performing the corresponding operations on HDFS, * 


. 
* 
* - 


A sparse, distributed, persistent 
multidimensional sorted map. 


Bytes; data types are interpreted 

on query. 

Hadoop-clustered commodity x86 

servers; five or more is typical | scalable multi- 

because the underlying storage | processor systems, 

technology is HDFS, which by 

default requires three replicas. 

Yes; built into the Hadoop Yes, if the hardware 

. and RDBMS are 
configured correctly. 


Row-key only or special table | Yes 
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StoreFile 
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HRegionServer 


availability architecture 
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DataNode 


Indexes 


required. 
Query Hbase API commands (get, put, | SQL i 
language scan, delete, increment, check), 
HiveQL 


Fig. 3.6 Hbase Arch 


MemStore 


StoreFile 


is often compared with the traditional | 


Store 


Hbase, as the representative database, i i 
RDBMS. The design target, implementation mechanism, and running 


performance are different. Due to the reason that the Hbase and RDBMS can 
replace each other in some special situations, it is inevitable to compare RDBMS 
with Hbase. As mentioned before, Hbase is a distributed database system and if 
the underlying physical storage uses the Hadoop distributed file system. It 
does not have particularly strict requirements on the hardware platform. 
However, RDBMS isa fixed structure database system. The difference between 


eir design goals makes them have the greatest difference in the implementation 
mechanism, 


DataNode 


MemStore 


StoreFile 


StoreFile 


HBASE Client 


HRegionServer 


0.14. What are the differences between bigtable and Hbase ; j 
asvaH Ans. The difference between bigtable and Hbase are given in table 3.3. 
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Table. 3.3 ra icated schema. F " not Reed a 
, ecentralizati 
Bigtable , CO j symmetry an fiia ne ~ Dynamo ig - 
| ( g system where every node has the same set of Pd OMplerejy 
At new master start-up tablet [Zookeeper does noi have s paliZze® 7 here is no single point of failure and on! PONSibilitie, a 
server list is read from Chubby |ction, region Servers unl fi, us. Thus. t waded Only minimal manual 
and master asks for metadata — |data to masters themsely : meg ||. isP istration is n " 
bl ers. in m. Fventual Consistency — Dynamo's main goal i , 
to tablet servers (iii) fore, according to the CAP theorem itcannotbe fu 1 be highly 
Bigtable uses microseconds. — |HBase stores times, „ple, here oT i ^" ully consi 
5 seconds. amps in tili Lr provides an eventual consistency, that is, aj updates reach n tea 
; [n 
Bigtable relies on GFS (Google |HBase works with Hadoop |. ,ntally. i 
File Systeri): buted File System (HDEs), Dis | ox j 1h Write down the comparison between dynamo and bigtable 
It can also run on other file Systemy yn The comparison between dynamo and bigtable is Biven in table 
igtable can store files into HBase cannot store files; 
Bigtable les into memp 34. Table 3.4 


memory. 


Bigtable implements a key/value} HBase has an option to skip the commi category | — Dynamo — | Bigtable 
cache, has two commit logs and |log completely on writes for perf, ga No replication in Big 
is able to select which one to use. | mance reasons. Ackoss deitcentars raens d 


Bigtable can memory-map entire 
storage files and use them to 

perform lookups without a single 
disk seek. 


HBase has an in-memory Option p; 
column family and uses its LRU Cache 
to retain blocks for Subsequent use 


single data center. 


Reads — merge of SSTables 


and memtable 
Q.15. What is dynamo ? Give its key features. Writes — tablet log and 
Ans. Dynamo is a collection of key-value pairs that are indexed and — 
retrieved by the primary key, providing only simple read and write operations Vector clocks with 
to the data item uniquely identified by the key. The lightweight nature of the Concurrency | onciliation during Copy-on-write 
data structure and operations help key-value stores gaining performance, Control reads 


but it comes with the cost of the more advanced features such as complet 
querying. Due to key-value stores tying all data manipulation strictly to tht 
keys, the rest of the data is opaque to the query. In comparison to othe 
types of stores, the simplicity of the data model grants higher performance 
but at the same time prevents any operations to non-key fields. Similarly 
due to the database operations' single-key restriction, operations spanning 
multiple items are not supported. The schemaless data store is designed fi 
applications and services with relative small data item sizes, usually less thi? 
l Mi. 
The key dynamo’s features are as follows — 


(i) Key-value Data Model — Data re stored as objects which 
identified by unique keys. Only two operations on data are supported -ei 
value with the specified key. This simple data model was chosen aller 
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; ation Space and offers an easier inte d" Uniti 4p, 

| MAPREDUCE AND EXTENSIONS — PARALLEL COMp " m ‘algorithms. Some of the Their ; pe . 

|. THE MAPREDUCE MODEL — PARALLEL EFFICIE VOTING yg amenn iF 
| MAPREDUCE, RELATIONAL OPERATIONS, ENTERp OF "TNT of software projects for rica 

|. BATCH PROCESSING, EXAMPLE/ APPLICATION OF mse | [9 o Peg is Apache Hadoop. The complete gry tl 

| REDUCE pu zi "s C entation of the Map e uce framework aided bra an open. 

NH. imple™ m. The initiative comprises two Proje GFS-like 


t . f cts, 
4 file i Hadoop Distributed File System (H namely, Hadoop 


0.17. Explain the concept of MapReduce. yte DFS). nee 
[R.GPV, Dec. 2014 (MCA ), 2015 H duct an ree Google File System. Ha doop one. DFS is an 
Or Mc4y NaF enation ad abstractions of Google MapReduce, Hadoo e offers the 
Explain the concept of MapReduce in cloud management, m ) features 7 e rted by Yahoo. Now, it constitutes the — Initially 
[R.GPV, Dec, 2916 oped s 5 5 lication. Hadoop has a very robust community of de, and 
Ans. The concept of MapReduce is introduced by Google, Mapr Ag! él dat eee it. The world’s largest Hadoop cluster has been ca es 
a programming platform to process huge amount of data, Here E Uce ig aves te" pines and more than 300000 cores. Now, the Yahoo dre 
reduce are the two simple functions used to represent the computation ài y 40000 Ped to academic institutions all over the world. 
of an application. The distributed no d infrastructure completely hand quet D ;; — A platform that permits the analysis of huge am 
the data transfer and management. Distributed storage infrastructure; (i) es vs developed like an Apache project and Site 2 m 
in-charge of providing access to data, replicating files and finally moving they pa sets ÍS Pig. = Tor representing data ametis programs n i : 
wherc required. Hence, these issues are not handled anymore py develops, gne! ae evaluating these programs. Pig ihlistirüélinet la s 
and are offered with an interface which offers data at a higher level like fase ompiler fora high level language that EEEE 
collection of key-value pairs. Then, the MapReduce applications computation composed ofa a es which are execute dion topof distributed mibi 
is arranged in a workflow of map and reduce operations. These Operations an. yapReduce prO - acer is Bie Itn i debt emen deas = 
fully managed by Be DDR SUN OR evel have only to menti ES a ARR Pig Latin reveals a SQL-like interface and it is characterized 
ae ae oid RN i HN vi poe we pens Me MapReduce sx n rface with respect to MapReduce, major expressiveness, and 
programming model is represented in the form of the two functions - map bya familiar inte à 


reduced programming effort. 

(iii) Hive - An Apache initiative that offers a data warehouse 
infrastructure on top of Hadoop MapReduce is Hive. Hive gives tools for ad- 
hoc queries, data summarization and analysis of large quantities of data. On 
the other hand, the framework offers the same capabilities of a classical data 
warehouse. However, it does not show the similar performances, particularly, 
in case of query latency. This is the reason why it does not make a valid 
solution for online transaction processing. The benefit of Hive is in the ability 
of providing a data warehouse infrastructure in environments where there is 
teady a Hadoop system running. The main benefit of Hive is in the ability to 
sale out because it depends on the Hadoop framework. 

(iv). Map-Reduce-Merge — An extension to the MapReduce model is 
Reduce Merge which introduces a third phase to the standard emi 
E ud third phase is called as Merge phase, which ron ee a 
n è data already sorted and partitioned through map and reduce functions. 
Pep Reduce-Merge framework offers an abstraction capable to represent 


and reduce. These functions are written as — 
map (kl, v1) list (k2, v2) 
reduce (K2, list (v2)) list (v2) 

A list of different key-value pairs is generated by the map function after 
reading the given key-value pairs. Then, a pair composed by a key and a listof 
values is read by the reduce function that generates a list of values of the same 
type. Here, the output of map function is aggregated together by combining 
the values on the basis of their corresponding keys and forms the input for 
reduce function. In reduce function, the list of attached values is reduced to 
a single value for each of the keys found. Thus, the MapReduce computation 
input is represented as a collection of key-value pairs and the output is represented 
by a list values. 


0.18. Explain some of the variations and extensions of MapReduct. 


Ans. A number of variations and extensions to the original MapRott 
model have been proposed due to its limitations. Their objective 15 to exte 


n of E = 
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die common relational algebra operators and several join al 
acilitates the heterogeneous related datasets management, 


(v) Twister — An another extension to the MapReduce jg Twi 
Which enables the creation of iterative executions of MapReduc : 
The model proposed by Twister gives the following extension — 
(a) Configure map 
(b) Configure reduce 
(c) Repeats till condition true 
(1) Execute MapReduce 
(2) Apply combine operation to result 
(3) Modify condition 
(d) Close 


Additional features provided by Twister are the introduction ofan addition 
phase known as combine execute at the end of the MapReduce job, the ability 
for map and reduce tasks to refer to static and in memory data, and other tools 
for data management. 


80rithms : 
Wi 


ler 
C Process. 


Q.19. What are the various alternatives to MapReduce ? Explain. 
Ans. Some alternatives to MapReduce are as follows — 


(i) DryadLINQ — A Microsoft research project investigating 
programming model for writing parallel and distributed programs to scale 
Tom a small cluster to a large data center is Dryad. Dryad aims at offering 
nfrastructure for automatically parallelizing the execution of application. 
Developers in Dryad can represent distributed applications like a collection of 
sequential programs which are joined together using channels. Direct Acyclic 
Graph (DAG) is used to represent Dryad computation. Here, in DAG sequential 
programs denote nodes and the channels connecting such programs denote 
vertices, Duc to this structure, a superset of the MapReduce model is considered 
by Dryad because its general application model permits expressing graphs 
representing MapReduce computation as well. Dryad revealed an interesting 
feature - dynamic modification of graph to certain extent and of dividing the 
execution of graph into stages, if possible. This infrastructure is employed to 
serve various applications and tools for parallel programming. DryadLINQ is 
one of them. ltis a programming environment which generates Dryad 
computations from the Language Integrated Query (LINQ) extensions to C£. 
The resulting framework ables to represent various distributed computing, 
models and gives a solution completely integrated into the .NET framework 


(ti) Sphere — The distributed processing engine that leverages tht 
Sector Distributed File System (SDFS) is Sphere. Sphere enables the develop 
to represent the computation in terms of User Defined Functions (UDFs) and 
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eam processing model (single program multiple data). A 
of UDFs, which are executed against the distributed 

mits Sphere to represent MapReduce computations, For 
P nae is built on top of the sector's API. Programs that read 
p re used to represent UDFs. A data structure which gives 
sa n of data segments is a stream. The collective execution 


$ the str 


ment pination 


:« sent by a Sphere client to the master node which returns 
c hen, the client will select the slaves where to run Sphere 
ilable pu MP the entire distributed execution. 
san 


p (ii) All-pairs — For the optimized execution of data ips 
-pairs is an abstraction and a run ume environment. A I-pairs 

workloads, All im n in terms of the All-pairs function. This abstraction is 

offers a0 gne scientific computing domains and described as — 

general in us airs (X : set, Y : set, F : function) — M : matrix 

odel edid by the All-pairs function can be solved by the 


The m 
algorithm given below — 


For each $i in X 
For each $j in Y 
Submit job F $i $j 

Generally, this implementation is quite naive and gives as Ba. 
Apart from, other problems like Ed teney, Oe cay =a 
of failure, and available compute nodes are not ha Pe P us 
i ll-pairs model by introducing a specification 
one of aie Ane aa engine that optimizes the distribution of tasks 


over a conventional cluster or grid infrastructure. 


0.20. Discuss development of parallel computing. that period 

Ans, Parallel computation was appeared in the early pecan dne 
the transistor and core memory showed up. The processing unit d w lopment of 
and the memory became more compact and cheaper. p MR During 
these technologies gave rise to the occurrence of paralle ry maltiprocessór 
this period, the parallel computers are mostly shared memory 
Systems in small scale which called the mainframe. . idly in the 

For a long time, parallel computing has been developing a architecture 
field of high performance computing and the parallel PRT nic 
has also been in constant changing. The platform relied by e : T task is 
I5 called parallel computer which is composed of multiple nodes. ie ety 
decomposed to various nodes and runs in parallel on canes h other. It 
Parallel node is not the completely independent host between eac 
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more likes various modules of one host. In the 1990s, accompanying With 
development of network equipment, MPI/PVM and the release of PIRE 
programming standards, cluster architecture of parallel computer has te 
emerged. At this time, the node of hardware platform of parallel computin,. 
the independent host. Modem architecture of parallel machine has symmetri, 
multi-processing (SMP), distributed shared memory (DSM) parallel Machin 
massively parallel processor (MPP) and parallel vector processor (PVP), The 
architecture of parallel machine are mainly used for high Performane, 
computing in specific areas. This is the foundation of cloud computing ~ p 
birth background of PC cluster of workstation. Parallel computing has 
brought into peopie’s lives by PC cluster due to the rapid development Of the 
microprocessor performance and network bandwidth 


Q.21. Discuss about the implementation of parallel computing. 


Ans. The implementation of parallel computing has two levels. First, itis 
the multi-core parallel computing and the multiple CPU in a single node. Although 
the parallel computing in single node is not the mainstream of implementation 
of cloud computing, multi-core is a very important aspect for a single node t; 
improve the performance currently. Second, for cloud computing, the parallel 
between cluster nodes is emphasized more. At present, the nodes among cluster 
are usually connected by IP network. On the premise of enough bandwidth, 
each node is not restricted by geographical and space. So the parallel computing 
in cloud computing is called distributed parallel computing for many times, 
However, multi-CPU and multi-core are the trend of host development. So 
within a cluster, the parallel requirement of general level is existed such as the 
parallel between cluster nodes, multiprocessor within node internal and multi- 
core parallel. The parallel computing between nodes is equivalent to distributed 
parallel computing as we often said. Different from mature virtualization 


products, parallel computing has no mature products while only has the 
relatively mature tools. 


The realization of parallel computing relies on the familiar with business 
by developers and users as well as the correct and skilled use of parallel tool. 
There are three steps for parallel application software development and use. 

(i) On the demand analysis Stage, according to business 
characteristics, the task is divided into multiple tasks, which can be executed 


2 in parallel as much as possible. This is the basis of the realization of parallel 
computing and it always be the most effective phase. 


(ii) During the designing and coding phase, parallel tools are used 
for program design. The parallel technology used in this stage is the most key 
technology which is not only difficult but also not mature. Moreover, most of 


technology applied at this stage #! 
the moment. 
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deployment 
c used in deployment stage. Through the deploy 


i : ment, this stage 
iion palancing of occupied equipment. Load balancing in 
f achiev ging to parallel computing. The method used in nra 
0 common 


pelos vice such as F5 switches, the ESB and etc. The technology 
m ee is relatively mature which has been widely used in the 


raw and explain MapReduce programming model, 
A MapReduce computation workflow is illustrated in fig. 3.7.A 


Ans. f input data files is given by the user. This collection is represented 
ieri us list of (k1, v1) pairs, and defines the map and reduce operations. 
then? 


ta files are entered into the distributed file system supporting 
and divided in order to be the input of map tasks, if required. 
hë intermediate files are produced by map tasks. These intermediate 

the collections of (K2, list (v2)) pairs and are stored into the 
files eee system. The values corresponding to the similar keys might be 
distributed fi she MapReduce runtime. The intermediate files are then given 
gs input to © k operation is represented as an aggregation 

: rally, the reduce task ope p . 

of s w es fey are mapped by a particular key. The MapReduce runtime 
ge nsible for the creation of map and reduce tasks, and how many tasks 
sr ed to a single reduce task. The distributed file system supporting 
RAE is responsible for the way in which files are moved and stored. 
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Fig. 3.7 MapReduce Computation Workflow 


| 


~ key-value pairs (key, value’) and Jists Map(kl, v1) — list (k2, v2) 


106 Cloud Computing (VIII-Som) 


Q.23. Discuss in detail about Hadoop MapReduce. 


Ans. A Hadoop MapReduce job mainly consists of two USCT-defip, 
functions — Map and Reduce. The input of a Hadoop's MapReduce job js p » 
of key-valuc pairs (k, v) and the map function is called for cach of these Dairy 
The map function produces zero or morc intermediate key-value pairs (i, yj 
Then, the Hadoop's MapReduce framework groups these intermediate key, 
valuc pairs by intermediate kcy k' and calls the reduce function for cach Boup, 
Finally, the reduce function produces zero or more aggregated results, 

The term MapReduce actually refers to two scparate and distinct lash, 
that Hadoop programs perform they arc Mappers and Reducers - 

Map Job — The first is the map job, which takes a set of data and converg 
it into another set of data, where individual clements are broken down iny 
tuples (key/value pairs). 

The map or mappet 's job is to process the input data, Generally the inpyy 
data is in the form of file or directory and is stored in the Hadoop file system 
(HDFS). The input file is passed to the mapper function line by line, The 
mapper processes the data and creates several small chunks of data, 

The map function produces zero or more intermediate key-value pairs 
(key, valuc'). Map function takes one pair of data with a type in one dat; 
domain, and returns a list of pairs ín a different domain. After that, the 
Mapkeduce framework collects all pairs with the same key from all lists and 
groups them together, creating one group for cach key. 

Mapfkl, v1) — list (k2, v2) 

Reduce Job — The second is the reduce job, which takes the output ofa 
map job as input and combincs thosc data tuples into a smaller set of tuples, 
The Reduce function is then applied in parallel to cach group, which ín tum 
produces a collection of values in the same domain. 

Reduce (k2, list (v2)) —» líst(v3) 

Reduce stage is the combination of the Shuffle stage and the Reduce 
stage, The Reducer’s job is to process the data that comes from the mapper. 
After processing, it produces a new set of output, which will be stored in the 
HDF S, 

5 Step Process of MapReduce — 

Step 1 ~ Prepare the Map( ) Input — Set of key-value pairs (k, v) 

Mep 2 - Run the User-provided Map( ) Code — Generate intermediate 


Step 3 — "Shuffle" the Map Output to the Reduce Processors — The 
MapReduce system designates Reduce processors, assigns the k2 key-value 
cach processor should work on, That is, worker nodes redistribute data based 
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A ry wo gun the User-provided Reduce( ) Code — Reducef ) is run 


Worker 


Files 
Map Tasks Intermediate Files Reduce Tasks Output 


Fig. 3.8 MapReduce Working Process 
ming model of parallel 


Input Files 


0.24. Explain the MapReduce program 
computing. 

Ans. A MapReduce is a programming architecture based on - 
computing system proposed by Google and is a kind of parallel gii 
model which can deal with huge amounts of data for parallel irpo 
large-scale data set. The concept and main idea of "Map and "Reduce $ ] 
both originated from functional programming language and vector pie 
language. Due to that MapReduce has common characteristics o sity 
and vector programming language, this programming model is edm E y 
tuted for searching, mining, analyzing and machine intelligence F i 
unstructured and structured mass data. It can greatly simplify the diffic a : 
Parallel programming. Originally, some computational problems are very cor 
but We have to deal with complicated details, fault-tolerant mechans 


automatically. During operation, system can solve the distribution problemo 
input data, which came across the program execution and scheduling of cluster 
nodes and deal with the failure of processing nodes and communication 
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, management nodes. Therefore, the compilation of parallel programs 
awe? the ‘er, The programmers can use the resources of large distibuted 
ants eil the concurrent processing or distributed programming 
cm er {eanwhile, it has great economic efficiency by high performance 
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well as the data distribution policy, load balance and so many details Which 

hi the complicated and difficult program code. Therefore, all these prob ^ 

m computing applications can be wrapped in a library and be responsible p 
i 


System as a whole. Otherwise, the computing task of data is abstractey "d rr posed by general PC to achieve super high performance. And 
Map and Reduce. The source of this abstraction is based on the Lisp ang M, cluster ee also has good generality: 
and Reduce concept of many kinds of functional language. Many computin, papke ibe relational operations in MapReduce. 
tasks of data are related to Map. The Map ìs responsible for processing Q25. pamm b rations are as follows- 
logical +? fi di a fad e relational alge ra Ope o 
gical record among input data and produces a set of intermediate Key, dns. Som 


ion — Apply a condition C to each tuple in the relation and 


i d th tion to all intermediate results wp: , ti 
B re p () Se se tuples that satisfy C. The output of this selection 


have the same key. The intermediate results from Map should be merged " 


then generated the final results. d by o (R)- 


;) Projection — For some subset S of the attributes of the relation, 
iid each tuple only the components for the attributes in S. The 
oe projection is denoted by x,(R). 

(iii, Union, Intersection and Difference " These well-known set 
ions apply to the sets of tuples in two relations that have the same 
een are also bag (multiset) versions of the operations in SQL, with 
idi unintuitive definitions. | 
ys (iv) Natural Join — Given two relations, compare each pair of tuples, 

from each relation. If the tuples agree on all the attributes that are a 
A two schemas, then produce a tuple that has components for iin of : 
icis in either schema and agrees E guum ee = pu : 

disagree on one or more share | . 
diria pee The natural join of relations een We us E 
s, While we shall discuss executing only the natural join mit ^ p Mer 
equijoins (joins where the tuple-agreement condition n P Mie we, 
attributes from the two relations that do not necessarily have the 


can be executed in the same manner. 


0.26. Write short note on batch processing. — 

Ans. Batch processing is a store-and-process pis ind 
collected, entered, processed and then the batch results ed bus 
There are two kinds of this model. First, when results viis gi " r hand 
scheduled task it is called traditional batch processing. ons eh 
there is the service-oriented architecture or simply SOA pc of a 
In this model tasks are performed when a user requires t 4 Is are shown 
specific batch. It is widely used in relational data. Both mode 
in fig. 3.10, T ; SS 

Batching processing is used in environments where it IS sae ds 
all the data at a time. However, processing all information at a time P 


P pit 0 


Fig. 3.9 MapReduce Programming Model of Parallel Computing l 


For large-scale data set operation, MapReduce is managed and controlled 
by a main node. The concrete computing tasks is accomplished by sending to 
various sub nodes from the master. In this way, MapReduce achieves reliable 
execution and fault-tolerant mechanisms of parallel tasks. In each time period, 
the master node will mark the working condition of various sub notes, Once 
marked for death, all the tasks of this node will be assigned to other sub nodes 
for re-performance. ag 

Compared with traditional distributed programming mode, MapRedutt 
has packaged the parallel processing, fault tolerance, localized calculation, 
load balance and other details and also provided a simple and powerful interface 
By this interface, large data computing tasks can be concurrent and distributed 


pongia n 
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disadvantages. First, it has turnaround time. This means the lime take 
Submitting the job and getting the output, which includes the inf Pet 
related to the jobs are included in the job. For this reason it jg a high] 
consuming model when there exists huge amount of data. ATI processes Y lin 
produce a nonlinear behaviour and that is what produces uncertainty ah won 
execution time. zw 
For these reasons batch processing is commonly used in Scenarios 
there is a large amount of data processed and saved. Also, when a ree 


: Teal ti 
response is not required. lm, 


(b) SOA Batch Processing 


Fig. 3.10 Batch Processing 


Q-27. Discuss in detail about Map and Reduce operation ? 


Ans. The Map operation applies computation of key/value pairs in an 
input and Reduce operation combines all the result value that is computed 
from the result of Map operation. As shown in fig. 3.11, the users divide the 
input files in different blocks of 128 MB size and these blocks generate the 
number of copies program in the clusters. Every cluster has different programs 
with one master node and several data nodes. Data nodes are also known as 
n nodes and may be assigned Map work or Reduce work by the master 
node. 

Once the user defines the input files, the master node assigns the worker 
node for Map function. Those worker nodes who are assigned for Map work 
reads files from different input files and writes the file in local disk. Once the 
Map worker nodes finished their work by writing the result in local disk, 
another sets of worker nodes are assigned for Reduce function. The assigned 
worker nodes read the files from local disk and write it to the output files. In 
this way, the retrieved process is completed in the Hadoop MapReduce. 
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^ (4) Local 
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Reduce 
Phase Files 


Map Intermediate Files 
Input Phase (On Local Disks) 


i Fig. 3.11 Map and Reduce Operation 
? Explain main components of Hadoop. 


Ans. Hadoop is an Apache-managed software = = duisi 
MapReduce and Big Table. Hadoop allows Cum c = —— 5s 
to run on large clusters of commodity oaa s n se : 
basis for the computing architecture underlying Soe anew 
designed to parallelize data processing across comp 


j [ Hadoop exist - 
computations and diminish latency. Two major a ee of anil 
a massively scalable distributed file system that can suppo petaby 


i ults in batches. 
and a massively scalable MapReduce engine that computes pue ct 
Components of Hadoop — Two main components 0 


follows- 


0.28. What is Hadoop 


- HDFS is the 
System (HDFS) 
f the cluster, HDFS breaks it 
fferent servers participating 
f the complete data set 


(i) The Hadoop Distributed File 3y 
storage system for a cluster. When data lands in ! 
into pieces and distribute those pieces among the di 
in the cluster, Each server stores just a small fragment o 


and each piece of data is replicated on more than one se l 
i : ntire data set I small 


, (ii) MapReduce — Because Hadoop stores the e dt parallel " 
Pieces across a number of servers, analytical jobs can be d Pics e question 
*àch of the servers storing part of the data. Each server and: for collation 
against its local fragment simultaneously and reports its res 


rver. 


n 
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into a comprehensive answer. MapReduce is the agent that distributes 


and collects the results. Both HDFS and Map Reduce are designed to dew 


to work even if there are failures. HDFS continuously monitors the 
on the cluster. If a server becomes unavailable, a disk drive fails 
damaged due to hardware or software problems, HDFS automatica] 
the data from one of the known good replicas stored elsewhere op | 
MapReduce monitors the progress of cach of the servers Particip 
job, when an analysis job is running. If one of them is slow 
answer or fails before completing its work, MapReduce automatic 


ally 
: 'c . y 
another instance of the task on another server that has a copy of the dai 


he Chas 


Compute Cluster 


DFS Block 1 mmy 
Ma 
DFS Block 1 


Data 
date data data data 
Gata data dato data data 
data data data date data 


dats date data data data 
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Fig. 3.12 HDFS & MapReduce 


Because of the way that HDFS and MapReduce work, Hadoop provides 


scalable, reliable and fault-tolerant services for data storage and analysis at 


Q.29. Explain the ecosystem of Hadoop. 


: Ans. Hadoop is an Open source framework maintained by the Apache 
dac for reliable, scalable and distributed computing. According to the 
website hadoop.apache.org, the components of Hadoop are defined as projects 


which function different to each other's, S i 
. Some of t 00 
components are as follows — pe widely a 


MapRe "a Pig - It is a platform for HDFS, It consists of a compiler for 
oe Bams and B Lgh-Jeyud language called Pig Latin. It provides a 


is to perform data extractions, transformations and loading, and basic analysis 
without having to write MapReduce programs 


Í 
! 
ls 


ly 
y fg) 
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_ [tis a distributed data warehouse. A data warehouse and 
age that presents data in the form of tables. Hive 
NL que similar to database programming. (It was initially developed 


, Base — [t is a non-relational, distributed database that runs on 
D (iil) {{Base tables can serve as input and output for MapReduce 


pbs- av) 
Mahout — Mahout is a data mining software that can be easily 
ffers java libraries or scalable machine learning algoriti 
analyzing the data. These machine learning algori 
perform a task such as classification, clustering, association rule 


ndra — Hadoop Cassandra provides database that can be 
jy scalable and highly available without interruption in the job perf 
easily SC 


(vii) Chukwa — Chukwa is a data collections system which is mainly 


d for displaying, monitoring, and analyzing the outcomes of the collected 
use 


(vi) Cassa 


pr. m cde for fast processing of uen Spark 
does not use MapReduce job of execution engine to run the job. 
own distributed runtime to complete the job. "m 
(ix) Tez — Tez is a data-flow programming E 
Hadoop Yarn to execute an arbitrary DAG of tasks to process 
batch and interactive use-case. E l 
(x) Avro — Avro is used for data serialization which provides a 
container file for storing persistent data. Avro was created by Doug Eger 
for making Hadoop to be writable in many programming languages such as C, 
C+, C#, Java, JavaScript, Python, Ruby. "m ; 
(xi) Ambari — It is a web interface for managing, configuring an 
testing Hadoop services and components. 
(xii) Flume — lt is a software that collects, aggregates and 
large amounts of streaming data into HDFS. l 
(xiii) Sqoop — It is a connection and transfer mechanism 
data between Hadoop and relational databases. 
(xiv) Oozie — It is a Hadoop job scheduler. 


The Hadoop ecosystem is shown in fig. 3.13. 
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ee ae 


114 Cloud Computing (Vill-Sem) 


, IBM 
ss] Je] 


Distribution 


Hortown 


Other Hadoop 
Distributions 


Works 


Related 


Related 


Projects 


g 


Sqoop 


Technologies 


iJ [t 


Twitter 
Fig. 3.13 The Hadoop Ecosystem 


Q.30. Explain the application of Hadoop. 


Ans. Now-a-days, with the rapid growth of the data volume, the Storage 
and processing of Big Data has become the most pressing needs of the 
enterprises. Hadoop as the open source distributed computing platform has 
become a brilliant choice for the business. The users can develop their own 
distributed applications on Hadoop and processing Big Data even if they do 
not know the bottom-level details of the system. Due to the high performance 
of Hadoop, it has been widely used in many companies. 


(i) Hadoop in Yahoo! — Yahoo! is the leader in Hadoop technology 
research and applications. It applies Hadoop on various products, which include 
the data analysis, content optimization, anti-spam e-mail system, and advertising 
optimization. Hadoop has also been fully used in user interests' prediction, 
searching ranking, and advertising location. 


In the Yahoo! home page personalization, the real-time service system 
will read the data from the database to the interest mapping through the Apache. 


Every 5 minutes, the system will rearrange the contents based on Hadoop 
cluster and update the contents every 7 minutes. 


Concerning spam e-mails, Yahoo! uses the Hadoop cluster to score the € 
mails. Every couple of hours, the Yahoo! will improve the anti-spam e-mail 
model in the Hadoop clusters and the clusters will push 5 billion times of o 
mails' delivery every day. At present, the largest application of the Hadoop 5 
the Search Webmap of Yahoo!. It has been run on more than 10000 Linus 


cluster machines. 


"n, 
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4 Hadoop i" Facebook — lt is known that Facebook is the largest 
dii) P5 ne world. From 2004 to 2009, Facebook has over 200 
_ The data created everyday is huge. This means that 
cing the problem with big data processing which contains content 


tare the advantages of Hadoop ? Explain Hadoop architecture 
i (R.GPY, May 2019) 


dvantages of Hadoop — | 
^ The scalability and elasticity of free open source Hadoop running 
" dware allow organizations to hold onto more data and take 
iS des data to increase operational efficiency and gain competitive 
supports complex analyses across large collections of data at 
of traditional solutions. 
handles a variety of workloads, including search, log 
dations systems, data warehousing and video/image 


on stand 
advantage o 
edge. Hadoop 
one tenth the cost 

(ii) Hadoop 


processing, recommen 


di (iii) Apache Hadoop is an open-source project by the Apache 


E 
E] 


aware foundations. The software was originally developed by the world’s 
rnet companies to capture and analyze the data that they wee 
Unlike traditional, structured platforms Hadoop is able to pes dei e 
data in its native format and to perform a wide variety o ie id 
transformation on that data. Hadoop stores terabytes and even E 

data inexpensively. It is robust and reliable and handles hardware and system 
failures automatically without losing data analyses. eer 

(iv) Hadoop runs on clusters of commodity servers an E . 

those servers has local CPUs and disk storage that can be leveraged by the 
System. 


Hadoop Architecture — Hadoop is an 
Open-source framework that allows users 
lo store and process big data in a distributed 
environment across clusters of computers 


So 
largest Inte 


i š HDFC (Distributed Storage) 
using simple programming models. It is 
designed to scale up from single servers to TARN ET 
thousands of machines with high degree of Framework Utilities 


fa 


: ult tolerance, Data in a Hadoop cluster is 


ifecture 
token down into smaller pieces and Fig. 3.14 Hadoop Architect 


SS 
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Sem) tering problems for Google News 
distributed j ^ Cluste , 4 
Miei. throughout the cluster like the Map and Reduce functio; (i) ExtractinE dat ii Epor ppt TUS | 
needed fi 5 Smaller subsets of larger data sets, and this Provides the MD (i) tracting properties of Web pages for various Purposes 
: z big data processing. scalabili (iv) P ssing satellite image data 
. ce : . " 
i ji framework includes four models — W) Language model proeessmgdor statistical machine translation 
th E Hadoop Common — They contain Java libraries and utili p e-scale graph computations 
at are required by other Hadoop modules. The Java libraries provide qvi Lare building for various search operations 
System and OS level abstraction. It contains necessary Java files and Ee (viii) nd tion 
that are required to start Hadoop. bs ix) Spam woe a icati 
"i (i -ous data mining applications. 
(i) Hadoop Yarn - YARN is a cluster management technology y; (x) Vari N d "om f , 
one of the key features in second-generation of Hadoop, designed from : Explain the overview of MapReduce execution in Hadoop with 
experience gained from the first generation of Hadoop. YARN provides aes 0.33. Sume | 
management and a central platform to deliver consistent operations, m pe help of ap tasks are distributed across multiple machines by | 
and data governance tools across Hadoop clusters. y Ans. The adenine the input data into a set of M splits. These splits can 
m 5 a è a 
(iii) HDFS (Hadoop Distributed File System) — It is a distributeg piomaticalYP parallel by different machines. Reduce tasks are distributed by | 
xà system that provides high throughput computing access to application E the intermediate key space into R aue im: function j| | 
ata. artition! ber of partitions and the partitioning | 
p mod R). The num il! 
(iv) Hadoop MapReduce — For large scale data processing thi; , | (*& hash (key) ified by the user. it | 
programming model. * | function are spect 


When the user program calls the MapReduce( ) function, the following 
Q.32. Write short note on employing Hadoop MapReduce. Also describe 
it's features and applications. 

Ans. A distributed data processing framework called MapReduce. In other 
words, MapReduce is a framework for processing parallelizable problem; 
access large datasets using a large number of computers, collectively referred 
to as a cluster or a grid. Processing can occur on data stored either ina 
filesystem or in a database (unstructured & structured). 

The features of Hadoop MapReduce are as follows — 

(i) The programming model is simple yet expressive. A large number 
of tasks can be expressed as MapReduce jobs. The model is independent of 
the underlying storage system and is able to process both structured and 
unstructured data. 

(ii) It achieves scalability through block-level scheduling. The rur- 
time system automatically splits the input data into even-sized blocks and 
dynamically schedules the data blocks to the available nodes for processing. 

(iii) It offers fault tolerance whereby only tasks on failed nodes hat 
to be restarted. 

The applications of MapReduce are as follows — 

(i) Large scale machine learning problems 


ui à The MapReduce library splits the input files into M pieces (usually 


16-64 MB per piece) and starts up many copies of the program on a cluster of 
machines. . , 

(ii) One of the copies of the program is the master as det 
specified. The rest are workers that are assigned work by the ees a 
are M map tasks and R reduce tasks to assign. The master pic 
workers and assigns each one either a map or a reduce task. ame 

(iii) A worker assigned with a map task reads the rss pa 
input split. It parses key/value pairs out of the input data and passes ed 
to the user-defined map function. The intermediate key/value pairs p 
by the function are buffered in memory. : 

(iv) Periodically, these buffered pairs are written to E E. hee 
and partitioned into R regions by the partitioning function. The y varding 
nese pairs are passed back to the master who is responsible for forv 
these locations to the reduce workers. locations, it uses 
Temote (V) When a reduce worker is notified about pi the disks of the 

Procedure calls (RPCs) to read the buffered data tro 


. . ta for its 
"mp Workers, When a reduce worker has read all intermediate da 


——— 


re 
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partition, it sorts it by the intermediate keys to group together all occ 
of the same key. If the amount of intermediate data is too large to fit in 
memory, an external sort is used. he 


(vi) The reduce worker iterates over the sorted intermediate d 
and for each unique intermediate key, it passes the key and the correspond; : 
set of intermediate values to the user’s reduce function. The output eil 
reduce function is appended to a final output file for this reduce Partition. : 


(vii) When all map and reduce tasks have completed, the Master 
wakes up the user program. At this point, the MapReduce call in the user 
| program returns back to the user code. After successful completion, the Output 
| of the MapReduce execution is available in the R output files, 
To detect failure, the master pings every worker periodically. | m 

response is received from a worker in a certain amount of time, the master 

marks the worker as failed. Any map tasks completed by the Worker are 
reset back to their initial idle state, and therefore become eligible for 
scheduling on other workers. Similarly, any map task or reduce task ín 
progress on a failed worker is also reset to idle and becomes eligible for 
rescheduling. 

Completed map tasks are re-executed when failure occurs because their 
output is stored on the local disk(s) of the failed machine and is therefore 
inaccessible, Completed reduce tasks do not need to be re-executed since 
their output is stored in a global file system. 


Example of a MapReduce — Assume we have five files, and each file 
contains two columns, a key and a value in Hadoop terms that represent a city 
and the corresponding temperature recorded in that city for the various 
measurement days, This example is made very simple so it's easy to follow. 


We can imagine that a real application contain millions or even billions of 
rows, 


Delhi, 31 
Mumbai, 32 
Chennai, 33 
Calcutta, 32 
Delhi, 24 
Calcutta, 34 
Chennai, 38 
Delhi, 27 
Calcutta, 33 
| Chennai, 37. 
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m collected, to find the maximum temperature for each 

j the data files (note that each file might have the same city 
mes). Using the MapReduce framework, we can break 


ks, where each mapper works on one of the five 


(Chenn 
tta, 

(Calcu 

e uses Of MapReduce. 


0.34. Gis f MapReduce are as follows — 
o 


Ans. Uses 


At Google ^ 
(i) Index 
(ii) Articl 
(iii) Statistica 


building for Google Search 
e clustering for Google News 
| machine translation. 


hoo! — 
" p^ Index building for Yahoo! Search 


(ii) Spam detection for Yahoo! Mail. 


At Facebook — 
(i) Ad optimization 
(ii) Spam detection. 


0.35. Give the limitations of MapReduce. - 
Ans. There are following four main limitations of the MapRe 


be 
(i) The Bottleneck of JobTracker — The (bp iu E 
responsible for jobs allocation, management, and schedu Ing. ^ra 
communicate with all the nodes to know the processing status, ny tasks. 
that the JobTracker which is unique in the MapReduce, task too s £ ee 
If the number of clusters and the submission jobs increase rap! c reach 
cause network bandwidth consumption. As a result, the JobTracker wi 
bottleneck and this is the core risk of MapReduce. o 
(ii) The TaskTracker — Because the jobs allocation ! 
too simple, the TaskTracker might assign a few tasks that need 
“need a long execution time to the same node. In this situation, 
"ode failure or slow down the processing speed. 


nformation is 
more sources 
it will cause 


a eS E 
-—— o 


Y 
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eee 


(iii Jo y , P, 
nud Dela) - Before the MapReduce starts to w 
"Ill report its own resources and operati es PA 
£6 dhe pie S s and operation situation A 
» the JobTracker will assig j oe 
assign the jobs and tl 
Starts to ru : pent the Task 
se n. As a consequence, the communication delay may K Tracker 
er to wait too long so that the jobs cannot be completed in ~ the 
Ime, 


ented (iv) Inflexible Framework — The MapReduce currently al] 
a o efine its own functions for different processing stages, the Ma RA the 
ework still limits the programming model and the resources allos a 
ation, 


K, th 
Ordin, 


FUNDAMENTALS, VU 


eniin LK Bey i 


RE, 
eco 


ie cloud security. [R. GP.V., Dec. 2015 (MCA)] 


Ans, Cloud computing security refer to the set of procedures, processes 
ind standards designed to provide information security assurance in a cloud 
omputing environment. Cloud computing security addresses both physical 
5i logical security issues across all the different service models of software, 
platform and infrastructure. It also addresses how these services are delivered. 


Q.2. What ar 


| secure ? 
Ans. Asoftware must have the following three properties to be considered 


"3 Defir 


e the properties that software must have to be considered 


secure — 
(i) Dependability — Software. that runs predictably and works 


| properly under different conditions, including when under attack or executing 


| ona malicious host. 
(ii) Survivability (Resilience) — Software that is tolerant ofor resistant 
lo attacks and is able to recover rapidly with as minimum harm as possible. 
(iii) Trustworthiness — Software that has a smaller number of 
vulnerabilities or no vulnerabilities or weaknesses that can harm the software’s 
dependability, 


0.3. Write short note on audit log. 

E ; 

ieee A pin of records that collectively offer documentary evidence of 

related 85 utilized to help in tracing from original transactions forward to 

their ng and reports, and/or backward from records and reports to 
Ponent source transactions is an audit trial or log. 


6.28. - 


N 
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The following should be kept in audit logs — 
(i) The transaction’s date and time 
(ii) At which terminal the transaction was processed 
(ili) Who processed the transaction 
(iv) Different security events associated with the transaction, 


Q.4. Give at least two reasons that cloud security system is differen 
from traditional security system. [R.GP.V., June 2015 (MCAJ 


Ans. The differences between cloud security and traditional security stem: 
from the sharing of infrastructure on a massive scale. Users spanning different 
corporations and trust levels often interact with the same set of computing 
resources. Public cloud services are increasingly being offered by a chain of 
providers, all storing and processing data externally in multiple unspecified 
locations. The difference between traditional systems and cloud computing s 
the confidentiality based on encryption is hardly possible, and the inexistent 
user control on the physical level. This affects directly to approaches based 
on electronic identity cards, which now must be cloud compatible. 

Q.5. What are the key mechanisms use to protect data in cloud storage? 
[R.GPV., June 2015 MCA 
Or 
Describe how the data security is handled in cloud. (CAI 
[R.GB.V,, Dec. 2017 (s 
Ans. Following are the key mechanisms for protecting data — 
G) Access control (ii) Auditing 
(ili) Authentication (iv) Authorization. 
e The core technology for protecting data in transmit to and 
as well as data stored in the cloud is encryption. The goal of € 


storage is to create a virtual private storage system that maintains 
and data integrity while maintaining the benefits of cloud storage. 


Q.6. Discuss different attributes of cloud security. 016 (BE 
[R.GP.V, June 27. 


Ans. Cloud security attributes belong to broadly into the followin a 
(i) Confidentiality, Privacy and Trust — These are soris 


basic attributes of digital security such as authentication and aUl 
information as well as protecting privacy and trust. - NT 
(ii) Physical Protection of. Enterprise Cloud Assets ^ Thi 
belongs to protecting enterprise cloud centers and its assets | 
(iii) Enterprise Cloud Services Security — This include? 
all its services such as SaaS, PaaS and laaS. This is the key 4" 
needed for achieving enterprise cloud security. 


é 
secu y 
n Que" 
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(iv) Data Security — This category is again paramount for sustaining 
enterprise cloud technology. This includes protecting and recovering planning 
for enterprise cloud data and service centers. It is also important to secure 


data in transactions. 


Q.7. Explain different cloud security services. 
[R.GP.V., Dec. 2013 (MCA)] 


Or 


Discuss the different cloud security services. 
[R.GP.V., Dec. 2014 (BE), 2015 (BE)] 


Or 
Explain cloud security services. [R.GP.V., Dec. 2015 (MCA)] 
Or 
Explain the categories of security services provided for information over 
the cloud. [R.GP.b., June 2016 (BE)] 


Ans. The different cloud security services are as follows — 


(i) Authentication — Authentication refers to the testing or 
reconciliation of evidence of a user's identity. It creates the user's identity and 
we in that users are who they claim to be. Consider, for example, that a 
Mur - an identity to a computer login screen and then has to give a 
od Pes computer system authenticates the user by verifying that 

ngs to the same user providing the ID. 


(i) Authorization — Authorization means the rights and privileges 


Branted t : 
o a user that provide access to computer resources and information 


assets, 


the Mins ak - Accountability means the ability to determine 

ecognize that s : po: of an individual within a cloud system and to 

They Gon alse b uel, Individual. Audit trails and logs help accountability. 

Events and the indivi to do postmortem studies in order to analyze historical 
Individuals relateg with thosé events. 


System iudi Ing — A one-time or periodic event to evaluate security is a 


Info ; 
Tmatior > . " 
! technology (IT) auditors are of two types — internal and 


rnal auditors ae : a : 

Extemal ne Work tora given organization, while external auditors 

"on a | are certi fi ~ 

sionals that ` tors are certified public accountants or other audit 
ĉo an independent audit of an organization's financial 


a al auditors hi j 
1 b avea mt ch roac : 


Perat cking for compliance and standards of due care, auditing 
» and recommending the suitable controls, = 
il | S are audited by IT auditors - 

(à) System development standards 


~ Cost efficiencies 
following function 
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(b) System and transaction controls 
(c) Backup controls 
(d) Data center security 
(e) Data library procedures 
(f) Contingency plan. 
Besides, IT auditors may suggest enhancements to control, and take part 
in a system's development process to support an organization avoid expensive 
reengineering after the system's implementation. 


Q.8. Write a brief note on cloud security design principles. 
[R.GP.V., June 2015 (BE)] 


Or 


Discuss the various cloud security design principles. 
[R.GP.V., May 2018 (MCA)] 


Ans. The various cloud security design principles are as follows — 

(i) Least Privilege — This principle requires that an individual, 
process, or other type of entity should be provided the minimum privileges 
and resources for the minimum time needed to finish a task. This principle 
decreases the opportunity for unauthorized access to important information. 

(ii) Separation of Duties — This principle needs that completion of 
a particular sensitive activity or access to sensitive objects relies on the 
satisfaction of a plurality conditions. Consider, for example, an authorization 
would need signatures of two or more individual, or the arming of a weapons 
system would need two individuals with distinct keys. Therefore, in order t0 
compromise the system, separation of duties forces collusion among entities. 

(iii) Defense in Depth — This is the application of multiple layers 2 
protection wherein a subsequent layer will offer protection if a previous lay' 


i ils it 
This refers to that when a cloud system eue 
re 


is broken. 
(iv) Fail Safe — 
should fail to a state where the security of the system and its data 2 


compromised. 

(v) Economy of Mechanism — This principle promote 
comprehensible design and implementation of protection mechanisms, 
unwanted access paths can be identified and removed or do not exist. " 

(vi) Complete Mediation — [n this principle, each req uest by ep 
to access an object in a computer system follows an effective e 
authorization procedure. The following are included in the complete mec! 

(a) Identification of the entity requesting for the access 


‘nce ! 
(b) Verification of the request that it has not altered 51 


initiation 
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(c) Application of the suitable authorization procedures 
(d) The same entity reexamines the previously authorized 


requests. 
(vii) Open Design — Some think that the encryption algorithm should 


be kept secret to be more hard to break. In contrast, others feel that exposing 
the algorithm to review and study by experts at large while keeping the 
encryption key secret results in a stronger algorithm since the experts have a 
higher probability to find weaknesses in it. Generally, the latter approach is 
more effective, except in the case of organizations like the National Security 
Agency (NSA), which uses the best cryptographers and mathematicians. 
Mostly, an open-access cloud system design offers a more secure 
authentication method. Security of such mechanisms relies on protecting 


passwords or keys. 

(viii) Least Common Mechanism — According to this principle, a 
minimum number of protection mechanisms should be common to multiple 
users, because shared access paths can be sources of unauthorized information 
exchange. The least common mechanism enhances the least possible sharing 
of common security mechanisms. 

LU (ix) Psychological Acceptability — It means the easy to use and 

intuitiveness of the user interface that controls and interacts with the cloud 

acess control mechanisms. 

n (x) Weakest Link — The security of a cloud system is as good as its 

ae component. Therefore, it is necessary to recognize the weakest 

in nisms in the security chain and layers of defense, and enhance them so 

risks to the system are alleviated to an acceptable level. 

impleme (xi) Using Existing Components — In many cases, a cloud 

ntation security mechanisms might not be used to their maximum 


viro or configured properly. The security posture ofan information system 
mechani oe by reviewing the state and settings of the extant security 
ms and ensuring that they are working at their optimum design points. 
M other approach to enhance cloud system security by using existing 
han to divide the system into defended subunits. Now, if a security 
M IS used in one sub-unit, it will not affect the other sub-units. This 


Will n 
esult in min: : 
sult in minimum damage to the computing resources, 
29, What are the different secure cloud software requirements ? 


Or 


Explain the requirements of secure cloud software. 
[R.GRV, Dec. 2016 (BE)] 


A 5 ; 
"5. The following three security needs are shared by all software — 


foll 2n» PRA Orin idiom usa C... 
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(i) lt must rely on expected operating conditions, and remain 
dependable under hostile operating conditions. l SN 

(ii) It must be reliable in its own behaviour, and in its inability tobe 
compromised by an attacker via exploitation of vulnerabilities or insertion of 
malicious code. 

(iii) It must be resilient enough to recover rapidly to full operational 
capability with a minimum of damage to itself, the resources and data it handles, 
and the external components with which it interacts. 


0.10. Explain the cloud information security fundamentals introduced 
in cloud security management. [R.GP.V., Dec. 2014 (BE), June 2015 (BE) 


Ans. The three primary goals of information security are confidentiality, 
integrity and availability. 

(i) Confidentiality — Confidentiality assures you that data cannot 
be viewed by unauthorized people. Confidentiality is concerned with preventing 
the unauthorized disclosure of sensitive information. The disclosure could be 
intentional or it could be unintentional. 

(ii) Integrity — Integrity assures you that data has not been changed 
without your knowledge. The data is internally and externally consistent. 


(iii) Availability — Availability assures you the reliable and timely 
access to cloud data or cloud computing resources by the appropriate personnel. 
Availability guarantees that the systems are functioning properly when needed 


Also refer to Q.2, Q.7, Q.8 and Q.9. 


Q.11. Explain the various security benefits on the cloud. 
[R.GP.V., Nov. 2018 
Ans. Security benefits of using cloud are — 

(i) Data Encryption — Robust data encryptions within cloud-base! 
security systems have substantially reduced the possibilities of data breaches 
these solutions offer a layered approach that consists of security intel ligen 
key management, and secure access controls, Cloud-based systems give A 
required freedom to companies to choose their users who will be access” 
the data that has been outsourced to the cloud. This way, any attempts ' 
tamper with personal or profession data can be thwarted. $ 

Most companies face the threat of intemal data theft by their employ? j 
and stronger access controls can nip these threats in the bud. The multi-lay 
security features weed out the possibilities of a breach of data to a gre? 
Data, irrespective of its type, needs to be protected at all times. Any vio 
can be hazardous to the goodwill and the functioning of an enterprise. 

(ii) Avoid DDoS Attacks — 
attacks can result in hefly losse 


(MCA) 


jatio® 


5) 
v . pD” 
Distributed Denial of Service (D e 
$ for entertainment companies. Hacker? 
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the website by directing traffic from several sources to the end website, and 
as a result, the system gets overwhelmed. These DDoS attacks may tarnish 
the image of the company, as clients begin to lose trust. 


Cloud-based security systems guard this imminent threat with real-time 
scanning of potential risks; this function is further used as a warning tool for 
yarious systems which allows for the tracking of incoming threats and attacks 
instantly — this enables website admins to divert the traffic to several different 
locations. 


(iii) Regulatory Compliance — Cloud computing security solutions 
usually provide reliable SOC1 and SOC2 certifications to the entertainment 
businesses. These certifications ensure periodic scrutiny of data and all types 
of possible glitches. Cloud-based solutions manage the requisite infrastructure 
for regulatory compliance and the protection of data. Detailed AWS reports 
about management of security controls ensure all organizations focus on their 
business operations, without worrying about compliance requirements. 


(iv) Secure Storage — Traditional storage solutions do not provide 
any protection against possible disasters that have the potential to erase required 
data from devices. Cloud computing allows the users to store their data safely, 
thereby negating any mishaps that may affect the equipment. 

Cloud storage solutions offer private, public, and hybrid solutions which 
the businesses may choose as per their requirements. The hybrid cloud storage 
systems allow the users to keep their data secure in the most effective manner. 


(v) Patch Management — The vulnerabilities of a website are often 
exploited by hackers to breach the security system of a company. Cloud service 
Providers keep their sites up to date; further on, they ensure that no 
Vulnerabilities exist. Moreover, cloud solutions offer real-time assistance to 
clients by providing companies with the option to scale cloud solutions during 
high traffic situations. This flexibility allows companies to reduce their cost of 
Services substantially. 

These large number of security features are quite flexible, agile, and 
affordable, Enhanced security features offer sufficient protection to the private 
i financial data of both media and entertainment companies and help to 

art data and intellectual property breaches. In this era of digitalization, 
Avi cybercrime has emerged as a norm, cloud-based solutions seem to be 

est alternative to traditional security systems. 


0-12. What is a vulnerability scanner ? 


Ans, A vulnerability scanner is a tool that can scan an entire system for 
Wn vulnerabilities. It typically works in conjunction with a database full 
Seyn vulnerabilities and cross checks the database with any exploits the 

may find. The security implications behind using a scanner on a 


kno 
ofk 
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system are — 

(i) They provide reports on vulnerabilities found. 
(ii) Can be automated to scan an entire system. 

One of the downsides to automated reports is that sometimes it repons 

false positives, also known as a false alarm. If there are many false alarms, the 

reliability of the vulnerability scanner diminishes, and security administrator, 


must spend many hours checking cach false positive. 


Q.13. Discuss about the vulnerability assessment scanners. 


Ans. Vulnerability assessment scanners are tools that scan networks and 
provide a diagnostic report on discovered vulnerabilities. The scanner cross 
checks with a database of known common security holes and tries to exploit 
them. Any detected security holes are classified, and mentioned to the 
administrator along with a set of recommendations that they should take to 
improve the security of their network. As cloud computing demands have 
increased, security implications are now more vital than ever. New tools such 
as scanners are used to take an automated analytical approach that can determine 
that vulnerabilities not only exist, but also can effectively correct security 
flaws. A few tools some online companies using are Nessus, OpenVAS, 
Nexpose, or other vulnerability scanning tools. These scanners over the years 
have developed from unreliable tools that reported false positives, lacked 
scalability, and other bugs that prevented the tools from effectively scanning 
the network for vulnerabilities. For example, they did not provide detailed 
information or control services. These major vulnerability assessment tools, 
"cd their flaws, have provided an impetus for the development of new 
ools. 


Q.14. What are the key privacy concerns in the cloud ? 
[R.GP.V., June 2015 (MCA) 


Ans. Privacy advocates have raised many concerns about cloud 


computing. These concerns typically mix security and privacy. Some addition?! 
considerations to be aware of are — 


(i) Storage — When the data is stored in the cloud, such a tran 


EN DT 
violation of the law, rganization, resulting in a P 


sfer 
tial 


- ii) Access — Data Subject have a right to know what person? 
" er is held and, In Some cases, can make a request to stop processi" 
eoncem is resale IREA rd to marketing activities. In the cloud, the T 
eel ni Mis s ability to provide the individual with access ge 
exemisssthts ri on, and to comply with stated requests. If a data sub) j 

es this right to ask the organization to delete his data, will be possible! 
ensure that all of his information has been deleted in the clóud ? 
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(iii) Compliance — Clouds can cross multiple jurisdictions, for 
ple, data may be stored in multiple countries, or in multiple states within 
xe United States. What is the relevant jurisdiction that govern an entity's data 
cloud and how is it determined ? 

(iv) Retention — How long is personal information (that is transferred 
p the cloud) retained ? Who enforces the retention policy in the cloud, and 


iw are expectations to this policy managed ? 


0.15. Discuss the various types of security policies. 

Ans. In the corporate world, when we refer to specific policies, rather 
tana group policy, we generally mean those policies that are distinct from the 
gandards, procedures, and guidelines. Policies are considered the first and 
tighest level of documentation for strategic reasons, from which the lower- 
kvel elements of standards procedures, and guidelines flow. The various 
&curity policy types are as follows — 

(i) Senior Management Statement of Policy — This is the first 
Wlicy of any policy creation process. This high level policy acknowledges the 
mportance of the computing resources to the business model. 

(ii) Regulatory Policies — These policies are implemented by an 
ganization due to compliance regulation, or other legal requirements. These 
Policies are very detailed and specific to the industry where the organization 
Works. These organizations may be financial institutions, public utilities, or 
me other kind of organization working in the public interest. 

(iii) Advisory Policies — These policies are not mandatory but strongly 
commended, perhaps with serious results defined for failure to follow them. 
an organization following such policics needs most employees to consider 

ese policies mandatory. Most policies belong to this category. 
These A Informative Policies — Thesc policies exist to fom NE 
brane not implied or specified requirements. The audience lO 

on can be some internal or external parties. 


cs ap "iat are the cloud security services ? Explain different polices 
Provide secure cloud computing environment. 

[R.GP.V., May 2019 (MCA)] 
oat oA Cloud security service is a Web based identity and access je 
Platformer Cloud security service allows software-as-a-service ors ), 
lo offer ‘Nels (PaaS) and infrastructure-as-a-service (laaS) pe ers 
inftast eir enterprise customers the ability to deploy their existing identity 

Tucture in a cloud, 
coud Security service is the cloud security broker, a collection of cloud 
Ms that work together to provide a secure place for cloud workloads 


$ 
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ity and access management systems. Client-side access control is an 
gral component of their cloud security strategy for IaaS subscribers. 


(ii) Consistency — An overarching and consistent policy framework 

critical for successful cloud security implementation. For example, an 
ellent design to achieve reliable and dynamic logical separation is to apply 
pne-based and policy-driven security enforcement. A zone is a group of 
atributes they may include traditional networking parameters such as IP 
addresses, network protocols and port numbers. The zone may also contain 
aformation such as virtual machine (VM) and custom attributes. Approaches 
such as this help ensure policy consistency in a dynamic cloud environment 
where VMs typically move around. 
(iii) Architecture — The cloud computing architecture generally 
includes the underlying infrastructure, various service components, and certain 
pervasive functions such as security and resiliency. Furthermore, cloud security 
has its own architectural structure. 


(iv) Automation — A core tenet of the cloud computing business 
model is pay-per-use, meaning that elasticity is not only reflected in the 
infrastructure and computing power, but also in the cost structure. 


(v) Governance — Cloud computing represents a dramatic shift to 
new technologies and new business computing models. Providers and 
subscribers need to ensure that their organizational governance is up to date to 
support these changes. From a technology perspective, cloud governance 
necessitates an increase in visibility and auditing capabilities. 


(vi) Logical Separation — A key cloud computing benefit is its elastic 
computing capabilities, meaning that computing power can be ramped up or 
dialed down rapidly based on demand. To support such a dynamic business 
computing model, security should be provisioned in a similar manner. Static 
and physically oriented security configurations such as VLAN-based security 
are labor intensive and can hardly keep up with the fast pace. New approaches 
are needed to achieve logical separation to secure dynamic and shared 
environments such as multi-tenancy. 

. (ii) Scalability and Performance — Scalability and performance are 
“quirements for cloud security because of the potentially massive workloads 
ie Stringent security requirements involved. Innovative technologies that can 
to nost performance while maintaining a high security standard is critical 

“oud security implementation. 
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and cloud storage. SaaS and PaaS platforms access the security bro 
identity and event connectors, while the enterprise accesses the broke 
on premise secure bridge run from the data center. This secure bridge 


is firewall friendly, provides a protocol proxy, policy agent, audit agent 


s Se 
ger and key agent. The broker ensures that si 
ve 


ker Vig 
T Via a 
, Which 


inte 


is 
communication mana z 
information always remains behind the firewall. 

For example, IDaaS (Identity-as-a-services) is one of the cloud seç 
services which is described as a combination of administration and ac 


provisioning, authentication and authorization and reporting functions, 
Refer to Q.15. 


Q.17. Explain the term policy implementation. 
[R.GP.V., Dec. 2015 (MCA) 


Ans. A policy is one of those terms that can mean several things, Fo, 
example, there are security policies on firewalls, which refer to the acces; 
control and routing list information. Standards, procedures, and guidelines are 
also referred to as policies in the larger sense of a global information security 
policy. A good, well written policy is more than an exercise created on white 
paper - it is an essential and fundamental element of sound security practice. 
A policy, for example, can literally 
be a lifesaver during a disaster, 
or it might be a requirement of a 
governmental or regulatory 
function. A policy can also 
provide protection from liability 
due to an employee's actions, or 
it can control access to trade 
secrets. Security policies and 
their relation hierarchically is 
shown in fig. 4.1. Fig. 4.1 Security Policy Hierarchy 

Refer to Q.15. 
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Senior Management Statement of Policy 


General Organizational Policies 


Functional Policies 


Mandatory Standards 
Recommendation Guidelines 


Detailed Procedures 


Q.18. Discuss different areas of cloud policy implementation. 
: [R.GP.F., Dec. 2013 
Ans. Following are the key areas of cloud policy implementation 7 


. (i) Authentication and Access Control — One of the key à 
Security areas is access control 


(McA)! 


oud 


: te the 
and is a good example to demonstr? oa! 


pu iid onsibility concept. PaaS and SaaS providers, for instance i 0.19. Explain the following — 
i'i authentication for cloud application developers an duse On ihe of í 0 Security governance (ii) Security monitoring 
and, opportunities exist for cloud subscribers to take ownersh! (iii) Risk management. 


authentication and [R.G.BV,, Nov. 2018 (BE)] 


access control to cloud for tighter integration with 


— 


132 Cloud Computing (VIII-Sem) 


Unit-IV 133 
Ans. (i) Security Governance — A security steering committee should " 

developed whose objective is to focus on providing guidance about securi 
initiatives and alignment with business and IT strategies. This committee s 
clearly define the roles and responsibilities of the security team ang othe 
groups involved in performing information security functions. 
Cloud security governance refers to the management model that facilitates 
effective and efficient security management and operations in the clou 
environment so that an enterprise's business targets are achieved. This model 
incorporates a hierarchy of executive mandates, performance expectations 
operational practices, structures, and metrics that, when implemented, res, 
in the optimization of business value for an enterprise. Cloud security 
governance helps answer leadership questions such as — 
(a) Are our security investments yielding the desired retums? 


(i) Loss of control 
(ii) Lack of trust 
(iii) Multi-tenancy 
(iv) User identity management is controlled by the cloud 
(v) Consumer depends on provider to ensure 
(a) Data security and privacy 
(b) Resource availability 
(c) Monitoring and repairing of services or resources. 


(vi) User access control rules, security policies and enforcement 
are managed by the cloud service provider. 


Q.21. What is multitenancy issue in cloud computing ? 
[R.GP.V., Dec. 2016 (BE)] 


(b) Do we know our security risks and their business impact? Or 
(c) Are we progressively reducing security risks to acceptable Explain risk from multitenancy with respect to various cloud 
levels ? environment, [R.GPV., June 2017 (MCA)] 
(d) Have we established a security-conscious culture within the Ans. Multitenancy is a one to many model which allows sharing of resources 
enterprise ? and costs across multiple users. The concept of multitenancy is a critical issue 


in cloud computing because it is directly related to security and QoS in the 
aspect of companies and individual. Although, it still faces a big challenge of 
security and privacy problem, secured multitenancy should be applied in cloud 
computing environments to reduce cost correlated with building computing 
resources, especially storage resource and to effectively manage infrastructure. 


Strategic alignment, value delivery, risk mitigation, effective use of 
resources, and performance measurement are key objectives of any IT-related 
governance model, security included. To successfully pursue and achieve 
these objectives, it is important to understand the operational culture and business 
and customer profiles of an enterprise, so that an effective security governance 


model can be customize i ; 
d for the enterprise. Q.22. What do you understand by security awareness ? What are its 


benefits ? How can we improve the security within an organization ? 

.. Ans. Security awareness of an organization means the degree to which 
its personnel are collectively aware of the importance of security and security 
Controls, 

Personnel are viewed as “security aware” when they understand the 
requirement for security, how the viability and the bottom line are affected by 
Security, and the daily risks to cloud computing resources. 

Security awareness programs have the following benefits — 

(i) They aid to prevent the fraud, waste, and abuse of computing 
l'ésources, 
(ii) They can enhance the effectiveness of the protection controls. 
(iii) They can decrease the unauthorized actions performed by 
Personnel, 
The following activities are used to enhance security within an organization — 


b (i) Live/Interactive Presentations — Videos, lectures, and computer 
ased trainin g 


(ii) Security Monitoring — Security management prevents 
unauthorized access and configuration of storage infrastructure components 
For example, while deploying an application ora server, the security managemen 
task include managing user accounts and access policies, that authorizes us¢® 
to perform role-based activities security monitoring in the cloud should & 
integrated with existing enterprise security monitoring tools using an AP l 
technol d L Management — Risk management entails identification d 

licae sets; Identification of data and its links to business process 

= stil and data stores; and assignment of ownership and custodi 

yao a aeons should also include maintaining a reposilo » 

assets includin bs ES have authority and accountability for informa! 

confidentiality Sie “ction requirements, and custodians imple" 
» integrity, availability, and privacy controls. 


0.20. Why cloud computing brings new threats ? 


f 
[R.GP.V, June 2017 (uc 
reats due to — 


Ans. The cloud computing brings new th 
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(ii) Incentives — Awards, etc. 
(iii) Publishing/Distribution — Bulletins, posters, and the intranet 
(iv) Reminders — Log-in banner messages and marketing 


paraphernalia like mugs, pens and mouse pads. 


0.23. Explain the cloud computing security architecture using suitable 


block diagram. [R.GP.F,, Dec. 2015 (BE) 
Or 


Explain cloud computing security architecture. 
[R.GB.V,, Dec. 2013 (MCA), 2014 (MCA), 2014 (BE), 
2015 (MCA), 2016 (BE)] 


Ans. Cloud application developers have been successfully developing 
applications for IaaS and PaaS platforms. These platforms offter basic security 
features but security concerns continue to be the number one barrier for 
enterprise cloud adoption. Cloud security concerns range from securely 
configuring virtual machines deployed on an laaS platform to managing user 
privileges in a PaaS cloud. The cloud services can be delivered in many flavors, 
i.e., in any combination of service delivery models SaaS, PaaS and laaS (SPI), 
and operational models, public, private and hybrid, the cloud security concerns 
and solutions are context dependent. Hence the solution architecture should 
match these concerns and build security safeguards (controls) into the cloud 


application architecture. 
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Fig. 4.2 Cloud Security Architecture Plan 


of cloud computing security architecture. 
— — Ans. Refer to Q.23. 


--— 
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__ As a first step, architects need to understand what security capabilities 
gre offered by cloud platforms. The architecture for building security into 
cloud services is shown in fig. 4.2. Security capabilities and offerings continue 
to evolve and vary between cloud providers. Hence you will often discover 
that security mechanisms such as key management and data encryption will 
not be available. For example, the need for a AES 128 bit encryption service 
for encrypting security artifacts and keys escrowed to a key management 
service. For such critical services, one will continue to rely on internal security 
services. A "Hybrid Cloud" deployment architecture pattern may be the only 


viable option for such applications that dependent on internal services. 


Q.24. With the help of a neat diagram explain the principal components 
[R.GPV., June 2017 (BE)] 


User Layer Components — 
(i) Cloud applications 
(iii) Tools 

Service Provider Layer Components — 
(i) SLA monitor (ii) Metering 
(iii) Accounting (iv) Resource provisioning 
(v) Scheduler and dispatcher (vi) Load balancer 
(vii) Advance resource reservation monitor 
(viii) Policy management. 

Virtual Machine Layer Components — 
(i) Virtual machines (ii) Operating systems 
(iii) Monitoring of operating system. 

Data Center Layer Components — 
(i) Servers (ii) CPU's (iii) Memory (iv) Storage. 


Q.25. Discuss the compliance issues in cloud security architecture. 
lients of the storage location 


e of the cloud's 


(ii) Programming 
(iv) Environments. 


Ans. The provider does not usually notify the c 
Of their data in a public cloud environment. In fact, on 
fundamental characteristics is the distribution of processing and data storage. 


However, to consider the client's data location needs, the cloud provider should 
help, Besides, the cloud vendor should offer transparency to the client by 
Providing information about used storage, processing characteristics, and other 
lated account information. 

The accessibility of a client’s data by the provider's system engineers 
“Nd some other employees is another compliance issue. This factor is an 
"5sential part of offering and maintaining cloud services but the act to obtain 
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important information should be monitored, controlled, and Protected | 

safeguards like separation of duties. The ability of local law enforcemen 
agencies to access a client’s sensitive data is a concern in cases Where 
information is stored ina foreign jurisdiction. Consider, for example, the Situation 
when a government entity does a computer forensics investigation of a cloud 
provider under suspicion of illegal activity. 

For data protection and compliance, the cloud provider's claims mug, 
be backed up by certifications, auditing, and logging. Specifically, a cloud 
provider should undergo a Statement on Auditing Standard #70(SAS 70) 
“Service Organizations” Type II Audit at a minimum. A service organization’, 
internal controls are evaluated by this audit to ascertain whether accepted 
best practices are being used to protect client information. It is needed by 
client vendors to undergo subsequent audits to keep their SAS 70 Type II 
Audit certification. 

The management policy related with data stored in the cloud is one other 
related issue. The compliance and privacy needs have to be considered when 
a client's engagement with the cloud provider is ended. In some situations, 
information is preserved on the basis of regulatory requirements and in other 
cases the provider should not keep a client's data in primary or backup storage 
if the client realizes it has been destroyed. When data is stored in a foreign 
jurisdiction, the data may be subjected to that country's privacy laws. 


Q-26. Define the term architectural consideration. 


Ans. A variety of factors affect the implementation and performance of 
cloud security architecture. There are general issues involving regulatory 
requirements, security management, adherence to standards, information 
classification and security awareness. Then there are more specific 
architecturally related areas, including trusted hardware and software, providing 
for a secure execution environment, establishing secure communications, and 
hardware augmentation through microarchitectures. 


Q.27. Write short note on general issues in cloud security architecture 


Ans. Many topics influence and directly affect the cloud security 
architecture. They include such factors as security management, complian® 
administrative Issues, controls and security awareness. Compliance with lega 
regulations should be supported by the cloud security architecture. que 
con ollary, the cloud security policy should address classification of informalio^ 
what ae can potentially access information, under what conditions i 
de EM dés the geographical jurisdiction of the stored dala, 
IO a eccess IS appropriate, Proper controls should be deter 
ie with assurance methods, and appropriate personnel aware 

ucation should be put in place. 


and 
ined 
ness 
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Q.28. What is trusted cloud computing ? What are its characteristics ? 
[R.GPV., May 2018 (MCA)] 


Ans. Trusted cloud computing is considered as a computer security 
architecture which is designed to protect cloud systems from harmful intrusions 
and attacks. It ensures that computing resources will work in a particular, 


predictable way as desired. 

Trusted Computing Characteristics — There might be running multiple 
processes concurrently in a cloud computational system. Each process can 
access specific memory locations and run a subset of the computer's 
instruction set. The execution and memory space allocated to each process is 
known as a protection domain. This domain is extended to virtual memory to 
increase the real memory size. The goal of a protection domain is to protect 
programs from all unauthorized actions. 

The total combination of protection mechanisms within a computer system 
is called a trusted computing base (TCB). TCB includes the hardware, 
software, and firmware to enforce the security policy of a computing system. 
These components must be protected from harmful processes. It must also 
offer for memory protection and make sure that the processes belonging to a 
domain do not access memory locations of another domain. The boundary 
that separates the TCB from the remainder of the system is called the security 
perimeter. There must be a trusted path to access the TCB. Thus, a trusted 
computer system uses the necessary hardware and software assurance 
measures to allow its use in processing multiple levels of classified or sensitive 


‘information. This system satisfies the needs for reliability and security. 


The trusted platform module (TPM) is used to store cryptographic keys 
that can be used to attest to the operating state of a computing platform and to 
confirm that the hardware and software configuration has not been modified. 


Q.29. What is VM rootkit ? [R.GP.V., June 2017 (BE)] 


Ans. A rootkit is a software, which is used to perform some illegal 
Operation. It is not harmful. It is used to hide entry of malware or worms into 
the computer system by making some hidden channels. Similarly, virtualization- 
based rootkits use rogue hypervisor to make a hidden channel to insert 


Unauthorized code into system. 
Q.30. What is honeypot ? What are the different types of honeypot ? 
[R.GB.K., May 2019 (BE)] 
Aus. According to the Lance Spitzner, “a honeypot is an information 
System resources whose value lies in unauthorized of illicit use of that 
sources”, Honeypot is a useful tool for luring and trapping attackers, capturing 
information, Security is the essential element of any organization Web sites, 
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but though the security provided by the honeypots based on hardware Setups 
are very expensive for small and medium scaled organization; a software based 
honcypot may be proven as a very effective security solution for these 
organizations. Among all these types of honeypot low-interaction honeypot ig 
the mostly used honeypot, because it is casy to implement and manage, Bu 
the most secure and efficient honeypot type is high interaction honeypot, 
These honeypots provide security as well as generates a log about all entries in 
the system which is very helpful to find the intrusive activity in the system, 
But the honeypot must need to upgrade to new methods and attacks at some 
interval of time to provide security against new type to attacks. It can't be said 
as a solution but it is good supplement for the security system. 

A honeypot can detect the behaviour of the attacker or the intrusion 
information to observe and record the details of the attacker and create a log 
of malicious entries and examines level, purpose, tools and methods used by 
the attacker so that evidence can be obtained and further actions can be taken. 

Honeypot technology and traditional security system combined can build 
an active network security protection system. 

Honeypots can be classified based on the level of interaction between 
intruder and system. These are low-interaction, high-interaction and medium- 


interaction honeypot. 

(i) Low-interaction Honeypot — These types of honeypots have 
the limited extend of interaction with external system. FTP is the example of 
this type of honeypot. There is no operation system for attackers to interact 
with, but they implement targets to attract or detect attackers by using software 
to emulate features of a particular operating system and network services on 
a host operation system. Main advantage of this type of honeypot is that, it is 
very casy to deploy and maintain and it does not involve any complex 
architecture. With this advantage there is also some drawback of this system 
That is, it will not respond accurately to exploits. This creates the limitation 1 
ability to aid in discovering new vulnerabilities or new attack patterns. LOW” 
interactive honcypots are a safer and easy way to gather info abou! the 
frequently occurred attacks and their sources. 

(ii) High-interaction Honeypot — This is the most advanced 
honcypot. This type of honeypot have very higher level of interaction w iuh the 
intrusive system. It gives more realistic experience to the attackers and gather? 
morc information about intended attacks; this also involves very high risk e 
capturing of whole honeypot. High-interaction honeypot are most comp! 
and time CUDSUHBSEE 36 design and manape. High-interactive honeypot = 
more useful in the cases, where we want to capture the details of vulnerabiliv? 
or exploits that are not yet known to the outside world. This honeypot * 
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best in the case of “0-Day attacks". Ex — Honcynets — which are typically 
used for research purposc. 

(iii) Medium-interaction Honeypot — These are also known as mixed- 
interactive honcypots. Medium-interaction honeypots are slightly more 
sophisticated than low-interaction honeypots, but are less sophisticated than 
high-interaction honeypots. It provides the attacker with a better illusion of 
the operation system so that more complex attacks can be logged and analysed. 
Ex : Honeytrap : it dynamically creates port listeners based on TCP connection 
attempts extracted from a network interface stream, which allows the handling 


of some unknown attacks. 


SECURITY CHALLENGES, VIRTUALIZATION SECURITY 
— MANAGEMENT, VIRTUAL THREATS, VM SECURITY 
- RECOMMENDATIONS, VM-SPECIFIC SECURITY 
ECHNIQUES, SECURE EXECUTION ENVIRONMENTS AND . 
~~ COMMUNICATIONS IN CLOUD ue 


Q.3I. List and explain various cloud computing security challenges. 
[R.GP.V., June 2015 (BE) 
Or 


What are the different security challenges in cloud computing ? Discuss 
each in brief. [R. GB X., May 2019 (BE)] 


Ans. The security challenges in cloud computing are as follows — 

(i) Logical Storage Segregation and Multi-tenancy Security 
Issues— Users can store and deliver their data across the globe through Internet 
Using cloud computing. The user does not control, and typically does not even 
know the location where the data is exactly stored. There is a possibility that 
User and their competitor’s data can reside on the same physical storage device 
With logical segregation. That's why there is a chances of user's private data 
to be viewed by the other users. Ifthe data and the information are not protected 
from other users then it is a major risk for the user to keep their information 
Private in the cloud. In addition, the data is deployed on the cloud service 
Provider's infrastructure on a multitenant model basis. This situation brings 
who maintains the audit records of the data ? Who 


the Security concems like Ww 
| ownership ? To handle such sensitive 


Owns the data ownership and contro | 
Situations, cloud service provider should ensure proper data isolation. 

(ii) Identity Management Issues — The advancement of cloud 
Fomputin based on numerous technical and business models signifies that 
Sloud computing with an appropriate identity management can be considered 
&a Superset of all the corresponding issues from these paradigms and many 
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more. As the traditional identity and access management is still facing so man 

challenges when considering it for cloud computing, it needs to be more OT 
Unlike traditional identity management, simply managing users and Services ^ 
not sufficient is cloud computing. 


(iii) Insider Attacks — In cloud computing, one of the major security 
concems is that the customer loses direct control over potentially business 
sensitive and confidential data. This needs more attention because the cloud 
service provider is outside the trusted domain of customer. The risk of malicious 
insider is the most dangerous security threats. This threat is intensified for 
customers of cloud services by the union of infrastructure, services and 
customers under a single controlling domain, with a huge lack of transparency 
in the way the cloud service provider services through its processes and 
procedures. 


software methods to allow construction of trusted platforms suggests use of 
remote attestation. 
(ii) At Platform Level— Atthis level, provider maintains data integrity 
snd availability. 
| (a) Integrity — When you download a file from Internet. It is 
require to check your file data is some as you want. It should not a malicious 
program and there is not any computer between you and server which sending 
youa different file. It is known as man-in-the-middle attack. You should ensure 
file integrity. The integrity technique protects you data from man-in-the-middle 
attack. 
Integrity Goals — 
(1) Protect data from man-in-the-middle attack. 
(2) Preservation of the internal and external consistency. 


(b) Confidentiality — Confidentiality helps the user to conform 
that unauthorized person like hacker and other person cannot be seen user 
data. Encryption is one of the most famous method to protect your data from 
seen by unauthorized person. 

(c) Authentication — Refer to Q.7 (1). 

(d) Defense from Intrusion and DoS Attack — The aim of 
DoS attack is to reduce the system performance or fully interrupt the system 
Service, The attacker can use various method to achieve this goal. For instance 


the attacker sends too many login requests to a server using different random 


Its continuously in quick succession due to which networ 
t (iii) At Application Level — The following rules are an integral part 

ofthe application development and deployment process — 

(a) Regulatory Compliance — The target is defined in regulatory 

compliance that organization want to achieve to conform that they are taken 

Steps to comply with relevant rules and regulation 

(b) Data Segregation — Data segreg 

User data which is held by broker from broker data. 

(c) Availability — Availability means network, pardwekes 

software, system are reliable and after any error they can recover immediately 

nd fully, These must not be affected by denial of service attacks. 


(iv) At Data Level- For protecting data from corruption and losses, 
at infrastructure level. We should also 


(iv) Virtualization Issues — Virtualization is a key element for cloud 
computing to achieve its objective. It can be achieved through a hypervisor. 
Virtualization of enterprise servers introduces noteworthy security concerns 
due to aggregation of risks. Associating multiple servers with one host removes 
the physical separation between servers, increasing the risk of undesirable 
cooperation of one application with others on the same host. At the same time, 
if an attacker gets the root to access the hypervisor, then it brings significant 
threats to the cloud computing. The attacker can gain access to all Guest's OS 


ested pu that virtualization server, if the attacker hacks the virtualization 
host machine. 


25 Loa How is security provided to data at various stages in context of 
[R.GP. V, Dec. 2017 (BEI 


Ans. Security provided to data at vari 
discussed below — arious stages in context of clo 


s. 
ation refers to separate the 


(2) Protection at Infrastructure Level — 


(1) All system admin right must not be get by any single 


person. 


(2) Restricted acc 


ices Hürvei : ess control policies, stringent 8°" We ne : hni 

device and surveillance technique should be use b policies, i physic”! € Perform data protection technique ; Pre a 

integrity of the hardware, e by provider to pro conform that data is encrypted during transit and at rest, We shou i 
(3) Trusted com pent Perform stringent security process, periodic audits. C loud is secure across a 


: a : puting pro j ify and imple! layer ; i f innt 'ulnerability testing. 
security measures at infrastructure stage cada A t m and Yer is conformed by ethical hacking and vulnerability testing 
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0.33. Describe the top threats identified by cloud security alliance (CSA 
of cloud computing. [R.GEV, Dec. 2013 (BEJ 

Ans. The top threats identified by cloud security alliance (CSA) of clo, 
computing are as follows — 

(i) Shared Technology — Disk partitions, central processing uni 
caches, graphics processing units and other shared elements were never design ed 
for strong compartmentalization. As a result, attackers focus on how to affect 
the operations of other cloud customers and gain unauthorized access to data. 

(ii) Insecure APIs — Criminals continue to leverage new technologies 
to improve their reach, avoid detection, and improve the effectiveness of thei, 
activities. 

(iii) Malicious Insiders — Risk arises because the cloud service 
providers do not disclose their hiring standards and policies; potential harm 
due to this particular form of attack is quite substantial. 

(ix) Data Loss or Leakage — Data loss or leakage can have 
devastating effect on a business. Beyond the damage it can cause to one’s 


brand and reputation, a loss could significantly affect employee, partner, and 
customer morale and trust. 


(v) Account and Service Hijacking — Account and service hijacking, 
usually with stolen credentials, remains a top threat. With stolen credentials, 
attackers can often access critical areas of deployed cloud computing services, 


v rg compromise the confidentiality, integrity and availability of 


(vi) Unknown Risk Profile — It refers to i 
i) Ui ' exposure to the ignorance 
or underestimation of the very risks of cloud computing. 


ia rirtuatization security management in cloud computing. 

Ans. Threats to the vi poter V, Dec. 2015 (BE), Nov. 2019 (MCA)] 

although the global is uis infrastructure are evolving just as quickly 

virtual machine, virtual memo virtualization is a relatively recent event. The 

minimum set of components Ty manager and hypervisor or host OS are the 

virtual environment in a fi required in a virtual environment, They comprise 
ew different Ways — 


(i) Type 1 virtual envi ; 
environments eine ng a are considered full virtualizali? 
machine running on a hypervisor that interac 


(ü) Type 2 virtual envi à; 
but work with a host OS. environments are also considered full virtualizati” 


(iii) Para-virtualized envir 


eliminating some ofthe emulation thar c offer performance gains P 


on . f 1 
that occurs in full virtualization environmenP 
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F3 (iv) Oiher type designations include hybrid virtual machines and 
-dware-assistec techniques. 

F These cla: suications are somewhat ambiguous in the IT community at 
prge. From a security perspective, there is a more significant impact when a 
post OS with user applications and interfaces js running outside of a VM ata 
evel lower than the other VMs. Because of its architecture, the type 2 
environment increases the potential risk of attacks against the host OS. 

d The VMware infrastructure is managed by several users performing 
different roles. The roles assumed by administrators are the Virtualization 
Server Administrator Virtual Machine Administrator, and Guest Administrator. 
VMware infrastructure users may have different roles and responsibilities, but 
some functional overlap may occur. 

| Q.35. Describe virtual threats of the vulnerabilities in virtual 


environments. 


i Ans. Some of the vulnerabilities exposed to any malicious-minded 
individuals are — 
, (i) Shared Clipboard — This technology permits the transfer of 
data between VMs and the host. Thus, it offers a way to move data between 
malicious programs in VMs of different security realms. 
itt (ii) Keystroke Logging - Some VM technologies permit the logging 
of keystrokes and screen updates to be sent across virtual terminals in virtual 
machine, writing to host files and allowing the monitoring of encrypted terminal 
connections within the VM. 
(iii) Virtual Machine 
should not be able to directly access v 


However, intruders may use a hacker tec led as 
redirect packets going to or from the other VM for sniffing, if the VM platform 


"Uses a virtual hub or switch to connect the VMs to the host. . 
(iv) VM Monitoring from the Host — The host may affect the VM 
in following ways — . 
(a) Beginning, pausing, stapping, and restant VMs. 
(b) Monitoring the applications executing within the VM. 
(c) Configuring and monitoring resources available to the VMs, 
like CPU, memory, and disk. 
Pup the amount of memory, amount and number of 
Virtual disks, number of CPUs, and number of virtual network interfaces 


àvailable toa VM. | 
: (e) Viewing, copying 
Virtual disks, 


Monitoring from Another VM — One VM 
irtual disk of another VM on the host. 
hnique, called as ARP poisoning, to 


and updating data stored on the VM's 


S 
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(v) Virtual Machine Backdoors — A backdoor can permit intrude, 
to carry out dangerous operations. ! 


(i) Root Secure the VM Monitor — The VM monitor should be rc 
secure because many operating systems can be com ised through privilege 
escalation. 


0.36. Discuss the virtual machine (VM) security recommendation, (ii) Implement only One Primary Functio 
: è abe ii) Implement on. i -H : 
Ans. The virtual machine (VM) security recommendations include the difficult for h "s *s ability diamo aber si cient 
5 € T ^ Él its 
follow ing - l uu" VM is implemented with one primary function per virtual server or device. 
(i) VM Using Encrypted Communications — An encryption f. (iii) VM Harden the Hypervisor — lt is difficult to attention on the 


technologies, like SSH (secure shell), encrypted VPNs (virtual privat, 
networks), TLS (transport layer security) and HTTPS (secure HTTP) should 
be used to give secure communication links between the guest domain ang 
the host domain, or from hosts to management systems. Encryption help to 
avoid exploits as MITM (man-in-the-middle), spoofed attacks and session 
hijacking. 

(ii) Patching and Updating — The concept of timely patching and 
updating of systems are enforced by most of the standards organizations. But, 
the proliferation of VMs in the organization adds complexity to the patch 

| control process. This means that we not only patch and update the host OS 
promptly, but every virtual machines needs the same patching schedule. 

(iii) VM Maintaining Backups — Perform image backup frequently 
for all production VMs. This will aid recovery of both individual files or the 
complete server image. Protection of the physical backup is also a part of best 
practices. This includes protection of the data stream of the backup. 

(iv) Enabling Perimeter Defense on the VM — The perimeter defense 
devices are some of the oldest and most established ways of enforcing the 
security policy, by regulating data traffic ingress and egress. 

(v) VM Hardening the Host Operating System — The hardening 
techniques must be implemented to maintain the security posture of the 
underlying technology. Some of these techniques include are — 

(a) After testing on a non-production unit, patch and update 
the host regularly. 
(b) Individually firewall should be host. 

(c) Use strong passwords, like lengthy, hard to guess passwords 
with letters, numbers, small character combinations and symbol combinations, 
and change them often. 

| -— E rae or ii e File Integrity Checks — File integrity checking 
fying that the files retain the proper consistency, and 
serves as a check for intrusion into the system. 


[ (iv) Firewall any Additional VM Ports — VM may open multiple 

ports linked to the host's external IP address, besides the usual ports opened 

T by the host. The host system should be independently firewalled with a minimum 

' of access allowed. 

{ (v) VM Harden the Host Domain — The Host Domain of the host 
Linux OS system must be secure, before securing any virtual machine. 

— A compromise of the Host Domain makes compromising the Guest 
omains a simple task. Thus steps should be taken to reduce the attack surface 

of the Host Domain. These include the following — 

(a) Remove unnecessary groups and accounts. 

(b) Remove unnecessary files, binaries, and libraries. 

i (c) Disable unnecessary services. 

i (d) Firewall network access to the host. 

r (e) Install monitoring or Host intrusion detection systems. 

fi 


= Q.38. Discuss secure execution environment and communications in 

cloud computing. 

— Ans. Secure Execution Environment — One of the difficult tasks in cloud 
t "computing is the configuration of computing platforms for secure execution. In 
many cases, it is not performed well due to several involved parameters. This 
- offers opportunities for malware to exploit vulnerabilities, like downloading code 
- embedded in data and having the code run at a high privilege level. 


The main difficulty of creating a secure execution environment in cloud 
e client to the cloud provider. However, 


computing is transferred from th id p i 
thentication mechanisms. In 


- Protected data transfers are done using strong au 
- &ssence, the client's port to the cloud may offer an attack path in the absence 


— f properly provisioned security measures. Hence, computations and data 

- Xchanpes are done in a secure environment to assure the client. 

| In secure execution of code, another great concern is the extreme use of 
Unsafe programming languages like C and C++ in place of more secure languages 

like object-oriented C# and object-oriented Java. 


0.37. Describe the VM-specific Security techniques. 
Ans. Some important VM-specific security techniques are as follow? ~ 
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Secure Communications — Secure cloud communications encompass 
the structures, transport formats, transmission methods, and security Measure 
that give confidentiality, integrity, availability, and authentication Ai 
transmissions over public and private communications networks. Secure aloi 
computing communications makes sure the following — 

(i) Confidentiality — It makes sure that only those who are authorizeq 
to access data can retrieve it. 
(ii) Integrity — 1t makes sure that data has n 


of an accident or malice. 
(iii) Availability — It makes sure that data is accessible to authorized 


ot been altered because 


users when required. 
0.39. What is VPN ? Also discuss its types. [R.GF V., May 2018 (MCA Jl 


Ans. A virtual private network (VPN) is formed by constructing a secure 
communications link between two nodes by using the properties of a point-to- 
point private link. A VPN is used to make simple secure remote access into the 
cloud, establish a secure data tunnel within a network, or securely connect 
two networks together. 

The tunnel is the portion of the link in which the private data is encap- 
sulated. Data is encapsulated with a header that gives routing information to 
emulate a point-to-point link. Mostly, the encryption of data is done to achieve 
confi- dentiality. This encrypted link part is viewed as the actual virtual 
private network connec- tion. A common VPN configuration with example 
IP addresses for remote access into a company's intranet through the Inter- 
net is shown in fig. 4.3. Address 192.168.123.3 denotes the company's 


router. 


192.168.123.3 
VPN Server 


192.168.123.113 


Fig. 4.3 VPN Configuration 


"s are pes general types of VPNs relevant to cloud computing na 
emote access VPNs and network-to-network VPNs. These VPNs type 
discussed as follows — ccn 


mely, 
s are 
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(i) Remote Access VPNs —To maintain confidentiality and integrity, 
a VPN can be configured to offer remote access to company’s resources ovet 
the public Internet. This configuration allows the remote user to use local ISP 
to access the Internet without forcing the user to create a long-distance or 
800 call to a third-party access provider. The VPN software establishes a 
virtual private network between the dial-up user and the company’s VPN 
server across the Internet using the connection to the local ISP. A remote user 


VPN connection is shown in fig. 4.4. 


192.168.123.3 
VPN Server 


192.168.123.113 


Fig. 4.4 Remote Access VPN Configuration 
(ii) Network-to-network VPNs — A common use of a VPN is to 
connect two networks, perhaps the main company’s LAN and a remote branch 


office LAN, through the Internet. A VPN connection can be either dial up or 
dedicated lines. The connection to the local ISP is used by the VPN software to 


establish a VPN tunnel between the branch office router and the company’s hub 
router across the Internet. A remote branch office connected to the company’s 
main office using a VPN tunnel through the Intemet is shown in fig. 4.5. 

VPN Connection 


Dedicated Dedicated 
or Dial-up Link to ISP 


Link to ISP 


Fig. 4.5 A Network-to-network VPN Configuration 


0.40. Explain about VPN tunneling in detail. 
Ans. A method of transferring data from one network to another network 
by encapsulating the packets in an additional header is known as tunneling. 


t eie 
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The extra header gives routing information so that the encapsulated payload 
can travel in the intermediate networks. This is depicted in fig. 4.6. 


Transit Internetwork Header 


Transit 
Internetwork 


Payload 


Payload 
(a 


=a 


Tunneled 
Payload 


Tunnel Endpoints 
Fig. 4.6 A VPN Tunnel and Payload 


Both the tunnel client and the tunnel server must be utilizing the same 
tunneling protocol to establish a tunnel. Tunneling technology depends on 
either a Layer 2 or a Layer 3 tunneling protocol. Both layers correspond to the 
OSI reference model. 

Tunneling, and the use of a VPN, is not con- sidered as a substitute for 
encryption and de- cryption. The strongest possible encryption should be 
used within the VPN itself, and tunneling should serve only as a convenience 
in cases where a high level of security is required. 


IPSec is a popular tunneling protocol for network-to-network connectivity. 
IPSec encapsulates IP packets in an extra IP header. It functions at the network 


layer of OSI model and permits multiple simultaneous tunnels. IPSec can 
encrypt and authenticate IP data. 


Tunnel 


SUES IN CLOUD COMPUTING, IMPLEMENTING REAL TIME 
PPLICATION, QoS ISSUES IN CLOUD, DEPENDABILITY, 


DATA MIGRATION, STREAMING IN CLOUD, CLOUD 


jh _ MIDDLEWARE | 


Q.1. Write down the issues in cloud computing. 


Ans. Issues in cloud computing are as follows — 


(i) Privacy — Cloud computing utilizes the virtual computing 
technology, users’ personal data may be scattered in various virtual data 
centers rather than stay in the same physical location, users may leak hidden 
information when they care accessed cloud computing services. arena 
can analyze the critical task depend on the computing task submitted by the 
users, 


Q.41. Write short note on lightweight directory access protocol. 


Ans. A more efficient version of the DAP is the lightweight directory 
access protocol (LDAP). LDAP servers communicate through referrals. It 
sends a referral to the requesting directory, if it gets a directory with the 
needed entry. 

A standard format is given by LDAP for accessing the certificate 
directories. These directories offer public keys and corresponding X.509 


(ii) Reliability — The cloud servers also experience downtimes and 
slowdowns as our local server. d 

(iii) Legal Issues — Worries stick with safety measures an 
Confidentiality of individual all the way through legislative e. d 

(iv) Compliance — Numerous regulations pertain s einen the 
Use of data requires regular reporting and audit trails. In a nuin is 
Tequirements to which customers are subject, the data centers mainta 


certificates for the enterprise and are stored on network LDAP servers. À 
directory has information like individual's names, addresses, phone numbers, 
and public key certificates. The standards under X.500 specify the protocols 


and information models for computer directory services that do not depend 
on the platforms and other related entities, 


Cloud providers may also be subject to compli 


S the storage of the data, leaving the data storag 
«nds of cloud providers. 


MO the cloud will never become invalid even your 
£0 broke or get acquired and swallowed up by 


0.2. Write a short note on Google AppEngine. 


ance requirements. 
low users to physically 


i 5 l 
(v) Freedom — Cloud computing does nota paier pur sd 


be sure that the data you put 
cloud computing provider 
a larger company. 


(vi) Long-term Viability — You should 


4), Nov. 2019 (MCAT 
[R.GP.V.,, May 2018, May 2019 (MCA), Nov i 
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Ans. Google AppEngine is a Platform-as-a-Service implementation, It 
offers services for developing and hosting expandable Web applications, | a 
a distributed and scalable runtime environment that uses Google’s distributeg 
infrastructure to scale out applications handling several requests by allocating 
more computing resources to them and balancing the load among them. The 
completion of runtime is done by a collection of services permitting developers 
to design and implement applications that scale on AppEngine. The languages 
like Java, Python, and Go are used by developers, to develop applications. 
AppEngine constantly meters application’s usage of Google resources and 
services. It bills users when their applications trespass free quotas. 


Q.3. Describe the major cloud features of Google application engine, 
[R.GP.V., Dec. 2013 (BE), Dec. 2016 (BE) 
Ans. Google application engine supports the following major features — 
(i) Persistent storage, with query access sorting and transaction 
management features. 
(ii) Scheduled tasks for triggering events at specified times or 
regular intervals. 
(ii) Asynchronous task queues for performing work outside the 
scope of a request. 
(iv) Automatic scaling and load balancing. 
(v) One of either two runtime environments — Java or Python. 
(vi) Authentication using Google Accounts API. 
(vii) Dynamic Web services based on common standards. 
(viii) A client side development environment for simulating Google 
application engine on your local system. 
(ix) Integration with other Google cloud services and APIs. 


Q.4. Discuss the runtime environment component of Google AppEngine. 


Ans. The execution context of applications hosted on AppEngine is 
represented by the runtime enviornment. The runtime comes into existence 


when the request handler begins to execute and terminates once the handler 
has completed. 


(i)  Sandboxing — A key responsibility of the runtime environment i5 
to offer application environment with an isolated and protected context where 
they can run without forming a threat to the server and without being affected 
by other applications. That is, applications are offered by it with a sandbox. 


(ii) Supported Runtimes — At present, developers can develop 
AppEngine applications in Java, Python, and Go. 

At present, AppEngine supports Java 6, Developers utilize the common 

tools for Web applications development in Java, like the JSP and the 


A 
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applications interact with the enviornment by means of Java Servlet standard. 
“Also, Java libraries provides access to AppEngine services Java libraries 
"reveal specific interfaces of provider specific implementations of given 
"abstraction layer. 

i An optimized interpreter supporting python 2.5.2 offers support for 
Python. The runtime environment supports the Python standard library but 
"some modules implementing harmful operations have been eliminated and try 
a import such modules or call specific methods produce exceptions. 
AppEngine contains a collection of libraries connecting applications to AppEngine 


“services with respect to application development. 


The applications developed with the Go programming language are hosted 
and executed in AppEngine. r58.1 is the recent version of Go. Some of the 
modules have been deleted or produce a run-time exception. 


Q.5. Discuss the compute services offered by AppEngine. 


Ans. AppEngine has services that facilitate the execution of computations 
that are off-bandwidth, i.e., that cannot be contained within the time frame of 
the Web request handling. These are — 

(i) Task Queues — Applications can submit a task for later execution 
using task queues. Task queues are useful for long computations that cannot 
finish within the maximum response time of a request handler. Users can have 
maximum 10 queues to execute tasks at a configurable rate. 

A Web request to a given URL defines a task. The request handler is 
invoked by the queue by passing the payload as part of the Web request to the 
handler. The request handler performs the task execution. In case of failure, 
the queue re-executes the task in order to avoid that transient failures stop the 
task from a successful completion. l l 

(ii) Cron Jobs — It might happen that the needed operation Ve 
to be performed at a particular time of the day, which does not sre e ie ie 
the time of the Web request. In this situation, cron jobs service may Fan e 
Schedule the needed operation at the specified time. The service bas oye 
as task queues, but invokes the request handler specified in the taska g 
time. In case of failure, the service does not re-execute the task. E 

: ; eine with suitable bloc 
Eas Explain a user view of Google iuc PV, June 2017 a 
. Ans, Google AppEngine platform architecture are divided into tou 
©mponents — "CUM 

(i) Infrastructure — Web applications can is di by AppEng 
nd its primary function is to serve users requests epueteniey 


I j > 4. 
(ii) Runtime Environment — Refer to Q 


EE 
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(iii) Storage — There are three different level of storage — in ties 
cache, storage for semi-structured data and long-term storage for static agp 
a, 


(a) Static File Servers - Web applications comprised of star 
and dynamic data. Static data is mostly constituted through the elements E 
express the graphical application layout (CSS files, sound files, ich 
files and plain html files) and data files. Dynamic data is a result of the 
logic and the interaction with the user. 


(b) Data Store - A service permitting developers to store semi 
structured data is referred to the data store. 


java Script 
application 


(iv) Application Services — Application hosted on AppEngine consider 
the most from the services made available by the runtime environment. These 


services simplify most of the common operations which are done in web 
applications. 


(v) Compute Services — Refer to Q.5. 


g79--—---. 


t Web App: 


pee. pee n-. pooucnanan 


: Web App! 1 Web App! : Web Appi 
LI 


Sandboxed Runtime 
Environment 


Google AppEngine Infrastructure 


Development 


Fig. 
Q.7. Wh dd AppEngine Architecture 
PEL / t . 
explain Googte File E Programming supports of Google AppEngine ? Also 
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and in Python, although the rts applications written in Javà 
the future. The A es m 
: age-agnostic, A numbe 
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allows lor free EPP lication development and deployment upto a certain level of 
resource consumption. 


Also refer to Q.4 (Unit-III). 


0.8. What do you mean by quality of service (QoS) ? 


Ans. Users of Internet network is increasing day-by-day, network 
requirement also increases to achieve good performance. Therefore, many 
online services need a very large bandwidth and network performance. Network 
performance is the element that disquiet the users and service providers. Internet 
service providers should bring new technologies to provide the best services 
before competitors strike them. 

Quality of Service refers to the ability of networks to attain maximum 
bandwidth and handle other network elements like latency, error rate and uptime. 
Quality of Service include the management of other networks resource by 
allocating priorities to specific type of data (audio, video and file). 

Basic implementation of QoS need three major component such as — 

(i) QoS within one network element. 

(ii) QoS policy and management functions to control end-to-end 
traffic across network. 

(iii) Identification techniques for coordinating QoS from end-to-end 
between network elements. 


Q.9. Describe the issues and challenges of QoS in cloud computing. 


Ans. The aim of cloud computing is to effectively exploit the shared pool 
of various resources so as to optimize the computing. To maintain the cloud 
Platforms, cloud resources and services various issues and challenges are 
associated. 


Issues — There a major issue associates with management of cloud services 
fesults to the catastrophe. With the increasing trend of the cloud services It 
become more difficult to investigate the QoS for cloud. The prime pun "i 
the Security and privacy during the transmissions of the resources s c iens 
The Study shows that many companies like facebook, Amazon, pue ea ge 
Concerned about the data which should be kept confidential to share m 
Other companies with high bandwidth rate with having less delay. wir ed 
database is a crucial component in the software stack of many per server 
sPlications, The various existential issues associated with the floo 

e- 
(i) ^ Managing and ensuring application 1n QoS 
(i) Cost 
(iii) Increasing services for users 


. » errors 
: sh „r with more erro 
(iv) Slow applications when hosted on sever 
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(v) Guaranteed own SLA’s 

(vi) No data limits 

(vii) Performance of the applications 
(vili) System backlog. 

The cloud applications need to be managed properly online so that it can 
serve best to its clients. This may lead to various viz delay, jittter or packet 
loss associated with real-time applications. Traditionally, fault tolerance 
software's was quiet costlier but got reduced when cloud services came into 
the existence. 


Challenges — The main challenge is to solve scalability and the 
dependability issues in managing the QoS in cloud computing. fig. 5.2 shows 
the CloudDB framework for a management of the application-defined service 
level agreements (SLA) for cloud hosted database. The below mentioned 
architecture manages the input and output of the database in cloud applications 
The SLA checker checks the results of monitoring module and make 
comparisons against the application defined SLA and reports if SLA is violated. 
Basically, it checks how many SLA’s has been violated. 


Cloud Application 
Database Requests 


Database Proxy 


Admission Control 


Adaptive Action 


Fig. 5.2 Framework for CloudDB AutoAdmin 


pie Brief note on dependability techniques in cloud computing. 
- Piin à air: = oe be classified in different ways depending 
appear as failures to the end use Ince, we are interested in typical faults that 
to other distributed Ts, we classify the faults into two types similarly 
systems. First, crash faults that cause the syst¢™ 
components to completely stop functioning or remain inactive during failures 


f 
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"(e.g power outage, hard disk crash), and second, byzantine faults that leads 
‘the system components to behave arbitrarily or maliciously during failure, 
- causing the system to behave unpredictably incorrect. 

The most widely adopted methods to achieve fault tolerance against crash 
_ faults and byzantine faults are as follows - 

(i) Checking and Monitoring — The system is constantly monitored 
_ at runtime to validate, verify and ensure that correct system specifications are 
- being met. This technique, while simple, plays a key role in failure detection 


` and subsequent reconfiguration. 


(ii) Checkpoint and Restart — The system state is captured and 


- saved based on pre-defined parameters (e.g., after every 1024 instructions or 
- every 60 seconds). When the system undergoes a failure, it is restored to the 


previously known correct state using the latest checkpoint information (instead 
of restarting the system from start). 

(iii) Replication — Critical system components are duplicated using 

- additional hardware, software and network resources in such a way that a 


- copy of the critical components is available even after a failure happens. 
- Replication mechanisms are mainly used in two formats 
- Inactive replication, all the re 


— active and passive. 
plicas are simultaneously invoked and each replica 
processes the same request at the same time. This implies that all the replicas 
have the same system state at any given point of time (unless designed to 
function in an asynchronous manner) and it can continue to deliver its service 
even in case ofa single replica failure. This method is also called as hot standby. 
In passive replication, only one processing unit (the primary replica) processes 
the requests while the backup replicas only save the system state during normal 
execution periods. Backup replicas take over the execution process only when 
the primary replica fails. This method is called as cold standby. The N + M 
technique of adding M standby hosts to spares for N working hosts to 
accommodate up to M failures is the most popular solution. 


Q.11. Write short note on data migration. 

Ans. Data migration to a cloud computing environment ts in many ways 
an exercise in risk management. Both qualitative and quantitative factors apply 
in an analysis. The risks must be carefully balanced against the available 
safeguards and expected benefits, with the understanding that accountability 
for security remains with the organization. Too many controls can be inefficient 
and ineffective, if the benefits outweigh the costs and associated risks. An 
appropriate balance between the strength of controls and the relative risk 
associated with particular programs and operations must be ensured. Moreover, 
if data migration is not done systematically and properly, it can give rise to 
Problems concerning data and cloud security of company's assets that primarily 
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(iv) Adaptive Mobile Video Streaming (AMoS) — In cloud we use 
" user-Adaptive Mobile Video Streaming (AMoS) and the User Behaviour Oriented 
| video Pre-Fetching (UBoP). This method reduces the traffic using SVC for 
adjust streaming. For distributing video in proper way in mobile network used 
private agent. It shows the social interaction between the mobile users. Video 
- quality based on feedback of link quality. Result shows that the cloud can 
effectively provide the video streaming and video sharing on network. 
(v) Rendering Adaptation Technique — In this technique graphic 
rendering work on cloud instead of mobile devices. This is based on bit rate 
and computation load. 
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comprise of data. Thus, hiring cloud providers having sound experience about 
the field with ample knowledge and skill sets becomes vital for managin 
cloud more effectively and efficiently. i 
For example — Suppose an XYZ company wants to shift its data to cloud 
storage for increased uptime and scalability, it goes to cloud service Provider 
for performing such functions. Now, the cloud provider starts initializing Steps 
for data transfer to cloud, but in between face problems like data crash ór 
unauthorized access by third parties. This is where the problem lies. The 
proprietor of data that hired cloud manager would not only face reputation 
losses but also monetary losses. Similar case was experienced when Amazon 
cloud failure happened and several business suffered immense losses due to it. 
Thus, securing data remains an utmost priority of cloud managers to prevent 
global cloud security threats that also include cross-border security concems, 
Some characteristic of data migration are as follows — 
(i) Commercial relation exists between clouds. 
(i) Transmission of mass data. 
(iii) Many workers which execute transmission process concurrently, 


Q.13. What do you mean by middleware ? 


Ans. Middleware is an important class of technology that is serving to 
- decrease the cycle-time, level of effort, and complexity associated with developing 
high-quality, flexible, and interoperable distributed systems. When implemented 
properly, middleware can help to shield developers of distributed systems from 
low-level, tedious, and error-prone platform details, such as socket-level network 
programming. It was invented in an attempt to help simplify the software 
development of distributed computing systems, and bring those capabilities within 
the reach of many more developers than the few experts at the time who could 
master the complexities of these environments. Complex system integration 
requirements were not being met from the application perspective, where it was 
too hard and not reusable, or the network or host operating system perspectives, 
which were necessarily concerned with providing the communication and end 
System resource management layers, respectively. One also finds business 
intelligence, content and collaboration tools, as well as portal capabilities that 
allow connections to customers and partners enabled at the middleware level, 
middleware and middleware-based architectures. Middleware is systems software 
that resides between the application and the underlying operating systems, 
network protocol stacks, and hardware. 

Its primary role is to (i) functionally bridge the gap between application 
Programs and the lower-level hardware and software infrastructure in order 
to coordinate how parts of applications are connected and how they interoperate 
and (ii) enable and simplify the integration of components developed by multiple 
technology suppliers. 


0.14, Write short note on cloud middleware. 

Ans. Datacenters running a cloud environment often enclose a large number 
Of machines that are connected by a high-speed network. Users access sites 
hosted by the cloud environment through the public Internet. A site is typically 
Accessed through a URL that is translated to a network address through a 
Blobal directory service, such as DNS. A request to a site is routed through the 


ER Ts 


Q.12. How can we improve video quality in cloud streaming ? 


Ans. Some approaches to improve video quality of smart phones are as 
follows — 


(i) P2P Live Video Streaming — Cloud-based P2P Live Video 
Streaming Platform (Cloud PP) that uses public cloud servers to construct an 
efficient and scalable video delivery platform with Scalable Video Coding (SVC) 
technology. The cloud server behaves like a SVC extractor, enabling a very 
large number of clients to receive live video streams at the same time by 


dynamically arranging available resources bas . ; 
g ed on th lit 
requested by clients. e streaming quality 


(ii) Asymmetric Graphics Rendering — This method significantly 
reduces the video encoding bit rate needed for a certain video quality, thereby 
oe it casier to transmit the video over wireless network. It is possible to 

appropriate graphics rendering parameters according to network constraints, 
such that the user experience can be maintained to a high level. 


— inge Video Coding — The cloud server behaves like a SVC 
at the same time b Pid icd DUREE of clients to receive live video streams 
streaming quality i a F arranging available resources based on the 
E ERTA UL. y clients, SVC standardizes the encoding of # 
The subset bit stream cam that also contains one or more subset bit streams 
lower te l can represent a lower spatial resolution (smaller screen), 
r temporal resolution (lower frame rate), or lower quality video signal. 


di 
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Internet to a machine inside the datacenter that either processes the request or 
forwards it. 
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Fig. 5.3 Cloud Middleware 


Q.15. Give examples of middleware. 


Ans. Middleware is sometimes used in a similar sense to a software driver, 
an abstraction layer that hides detail about hardware devices or other software 
from an application. The Android environment uses the Linux operating system 
at its core, and also provides an application framework that developers 
incorporate into their applications. The Android middleware layer also contains 
the Dalvik virtual machine and its core Java application libraries. Game engine 
software such as Gamebryo and Renderware are sometimes described as 
middleware, because they provide many services to simplify game development. 
In simulation technology, middleware is generally used in the context of the 
high level architecture (HLA) that applies to many distributed simulations. The 
QNX operating system offers middleware for providing multimedia services 
for use in automobiles, aircraft and other environments. Multimedia Home 


Platform ( DVB-MH P) is an open middleware system standard designed by the 
DVB project for interactive digital television. 


EMEND E 
MOBILE CLOUD COMPUTING, INTER CLOUD 

| i ISSUES, A GRID 

_OF CLOUDS, SKY COMPUTING, LOAD BALANCING, RESOURCE 

| OPTIMIZATION, RESOURCE DYNAMIC RECONFIGURATION 


Q.16. What is mobile cloud computing ? 
Ans. Several definitions of mobile cloud computing (MCC) are available- 
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- For example, mobile cloud computing is defined as “a rich mobile computing 
technology that leverages unified clastic resources of varied clouds and network 
technologies toward unrestricted functionality, storage, and mobility. It serves 
amultitude of mobile devices anywhere anytime through the channel of Ethernet 
or Internet regardless of heterogeneous environments and platforms based on 
the pay-as-you-use principle”. 

Another definition of mobile cloud computing is that — “Mobile cloud 
computing at its simplest, refers to an infrastructure where both the data 
storage and data processing happen outside of the mobile device. Mobile cloud 
applications move the computing power and data storage away from mobile 
phones and into the cloud, bringing applications and MC to not just smartphone 
users but a much broader range of mobile subscribers". 


Q.17. What are the advantages of mobile cloud computing ? 


Ans. The advantages of mobile cloud computing are as follows — 


(i) Compute and Storage Efficiency — By off-loading demanding 
workloads and large data to the cloud, the mobile device can limit the amount 
of processing power and data storage that it requires. 

(ii) More Powerful Mobile Applications — Since the mobile device 
now has access to a powerful cloud on the back end, we have the potential t 
create more powerful mobile applications than previously possible. 

(iii) Energy Efficiency — Much of the resource-intensive work in 
mobile applications can be off-loaded to the cloud, which means that mobile 
clients can focus more on reducing energy consumption without trading off 
on performance. 

(iv) Thin Mobile Clients — Less resource demands on the mobile 
client means that we can build less powerful mobile devices that achieve 
better overall performance when coupled with a cloud platform. This gives 
us the ability to *dumb down" the mobile clients, to the extent that they only 
handle user interaction and off-load all application work and data to the 


cloud. 


Q.18. Describe the features of mobile cloud computing. 


Ans. The primary features of mobile cloud computing as shown in fig. 


5.4 are as follows — 
(i) Auto Resource Provision and De-provision — Mobile clouds 


Enable auto resource provisions and de-provisions of cloud computing 
Tesources, network resources, and mobile device resources. 

(ii) Scalability — In mobile clouds, scalability includes three 
dimensions — 
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(a) Cloud scalability 
(b) Network scalability 
(c) Mobile scalability in terms of mobile users and devices, 


Mobility, Flexibility 
and Accessibility Mobile Cloud 
Multi-tenancy Service Connectivity 
Auto Resource Mobile 

Provision and Cloud Utility Billing, 

Management Computing and Energy 
Efficient 
Virtualization Mobile Cyber Sccurity 

Scalability & User Privacy 


Fig. 5.4 Primary Features of Mobile Clouds 


(iii) Mobility, Flexibility, and Accessibility — Mobile clouds enable 
mobile users to access mobile cloud applications and services anytime and 
anywhere with personal accessibility. 

(iv) Mobile Cloud Service Connectivity — Mobile clouds offer well- 
defined connectivity APIs and protocols to enable easy and secured connectivity 


between different networks, and standards, and third-party software and 
systems. 


(v) Virtualization — Three types of virtualizations can be supported 
in mobile clouds — 
(a) Network virtualization 
(b) Cloud virtualization for various computing resources 
(c) Mobile devices and resources 


(vi) Multi-tenancy — This feature allows single mobile cloud 


software instance to serve multiple mobile tenants on a wireless Internet or 
heterogeneous networks. 


(vii) Mobile Cyber Security and Privacy — This refers to the body 
of security capabilities, technologies, processes and practices designed t0 
protect mobile devices, heterogeneous networks (both wireless network and 
Internet), cloud servers, mobile application service programs, and data from 
attack, damage or unauthorized access. 


(viii) Mobile Utility Billing and Energy Efficient — This refers '? 
the provided mobile-based utility models, j.e., meter-based, volume base% 
and subscription-based for service billing. 
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Q.19. What is intercloud ? Explain architecture of intercloud. 
[R.GP.V., Dec. 2013 (MCA)] 


— Ans. The term intercloud is used interchangeably to express the concept 
af cloud federation. Intercloud expresses a composition of clouds that are 
interconnected using open standards to offer a universal environment for using 
cloud computing services. Intercloud represents a cloud of clouds and hence 
expresses the same concept of federating together clouds pertaining to different 
administrative organizations. 

^ Intereloud Architecture — The intercloud architecture consists of two 
elements — cloud exchange and cloud coordinator. This is shown in fig. 5.5. 
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Fig. 5.5 Intercloud Architecture 

(i CloudExchange — It is the market-making component of the 
architecture. It provides services that permit providers to detect each other in 
Order to directly trade cloud assets, as well as permits parties to registry and 
Execute auctions. In the first case, CloudExchange works as a directory service 
for the federation. In the second case, CloudExchange executes the auction. 
CloudExchange implements a web service based interface that permits data 
enters to join and leave the federation for providing such services to the 
federation, 


(ii) CloudCoordinator — lt manages domain-specific issues 
ng to the federation. This is available on each party that wishes to join 
eration. It contains front-end components and back-end components. 
teraction of front-end components takes place with the CloudExchange 


Pertaini 
the feq 
The in 
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and with other coordinators. The former permits data centers to mention their 
offers and needs, while the latter permits the coordinator to learn about the 
current state of the data center to determine whether actions from the federation 
are needed or not. Hence, when the coordinator finds that additional resources 
are needed by the data center, it initiates the discovery process of potential 
providers. As soon as the potential providers are found and the interested one 
is chosen, the coordinator meets the remote coordinator and communicates. 
Likewise, when CloudCoordinator finds that local resources arc in use, they 
can mention an offer for resources in the CloudExchange, or they can search 
for matches among needs registered in the exchange service. 


Q.20. Describe the classification of intercloud. 
Ans. The classification of intercloud is shown in fig. 5.6. 


Intcrcloud 


Fig. 5.6 Classification of Interclouds 


(i) Federation Cloud — A federation cloud is an intercloud where a 
set of cloud providers willingly interconnect their cloud infrastructures in 
order to share resources among each other. The cloud providers in the 
federation voluntarily collaborate to exchange resources. This type of intercloud 
is suitable for collaboration of governmental clouds (clouds owned and utilized 
by nonprofit institution or government) or private cloud portfolios (cloud is 4 
part ofa portfolio of clouds where the clouds belong to the same organization). 
Federation clouds takes care of consistency and access controls if more than 
one free geographically distinct clouds share either authentication, files: 
computing resources, command and contro] o 
Types of federation clouds are peer-to 


IEEE P2302 
intercloud 


Example 
Projects 


r access to storage resource? 
-peer and centralized clouds. 

l _ (a) Peer-to-peer Intercloud Federation — Clouds collabora't 
directly with each other but may use distributed entities for directories "' 
brokering. Clouds communicate with each other and negotiate directly without 
mediators. Peer-to-peer intercloud federation is depicted in fig. 5.7 (8)- The 
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ntercloud projects that use peer-to-peer federation are RESERVOIR (resoruces 
and services virtualization without barriers project), open cirrus, OPTIMIS, 
Arjuna agility and global intercloud by Bernstein et al. 


(b) Centralized Intercloud Federation — Clouds use a central 
} ntity to perform or facilitate resource sharing. The central entity acts as a 
storehouse where the available cloud resources are registered. Centralized 
'intercloud federation is depicted in fig. 5.7 (b). The intercloud projects that 
"use centralized intercloud federation are intercloud, contrail, dynamic cloud 
‘collaboration (DCC) and federated cloud management. 
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(a) Peer-to-peer intercloud Federation (b) Centralized Intercloud Federation 
Fig. 5.7 
(ii) Multicloud — In a multicloud, a client or service uses multiple 
independent clouds. A multicloud environment has no volunteer interconnection 
and sharing of the cloud service providers’ infrastructures. Managing resource 
provisioning and scheduling is the responsibility of client or their representatives. 
This approach is used to utilize resources from both governmental clouds and 
private cloud portfolios. Types of multicloud are services and libraries. 
(a) Multicloud Service Clients access multiple clouds through 
à service. A service is hosted by the cloud client either externally or in-house. 
The services contain broker components. The multicloud service is depicted in 
fig. 5.8 (a). The intercloud projects that use multicloud services are OPTIMIS, 
contrail, mOSAIC, STRATOS and commercial cloud management systems. 
(b) Multicloud Libraries — Clients develop their own brokers 
by using a unified cloud API as a library. interclouds that use libraries facilitate 
the Usage of clouds in a uniform way. Multicloud libraries is depicted in fig. 
5.8 (b). Examples of several multicloud libraries are Java library JGleues, 
Python library Apache LibClouds, Ruby library, Apache DeltaCloud, PHP library 
SimpleCloud, ApacheNuvem. 


a | 
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Fig. 5.8 


Q.21. Discuss the various aspects in the realization of cloud federation, 


2 Ans. The aspects involved in the realization of cloud federation are as 
ollows — 


l ®© Standards — The role of standards is to build a platform for 
interoperation that goes beyond adhoc aggregations and private settlements 
between providers. The realization of an open organization is facilitated by 
standardized interfaces and protocols. The benefits are mainly technical — 


standards make easy the development of software and services that interconnect 
systems. 


(ii) Security — By using large computing infrastructures that 
eventually host applications, services, and data, cloud computing helps the 
development of expandable systems. Here, security arrangements form a 
fundamental need that cannot be neglected. Security management is even more 
difficult in the case of cloud federation, where confidential information is 
dynamically moved across different cloud computing vendors. 


Ina cloud scenario, key elements identified in the management of security 
availability management, access control, patch management, vulnerability 


management, configuration management, incident res 
access monitoring. 


are — 


ponse, system use and 


u iae Legal Issues — Apart from the technical difficulties needed in 
making clou computing occur, legal issues pertaining to access rights, privacy, 
and control are peculiar to cloud computing. E 


Q.22. What do you mean by 
cloud ? 


Ans. Elasticity refers to the capabilit 
depend on on-demand provisioning and de-provisioni 


the term elasticity related to federation 
[R.GP, June 2017 (BE)I 


interoperability in a cloud federation ? 
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Q.23. What kind of standards and protocols can be used to achieve 

[R.GP.V., Dec. 2014 (BE)] 

Ans. Following are some standards and protocols used to achieve 
interoperability in a cloud federation — 

(i) Open Cloud Manifesto — This is the first step towards the 
realization of a cloud interoperability platform. The manifesto has been drafted 
in 2009 as a result of the coordinated activity of different cloud vendors and at 

| the state writing lists more than 400 cloud computing services providers 


` supporting the vision it embodies. More than proposing standards, the manifesto 
- isa declaration of intent, endorsed by commercial players in the field of cloud 


computing, in realizing an interoperable and open cloud computing platform. 


(ii) Distributed Management Task Force (DMTF) — It is an 
organization with more than 4000 active members, 44 countries, and nearly 
200 organizations. DMTF is the industry organization leading the development, 
adoption and promotion of interoperable management standards and initiatives. 
With specific reference to cloud computing, the DMTF has introduced the 
open virtualization format and supported several intitiatives for interoperable 
cloud technologies such as the open cloud standards incubator, the cloud 
management working group and the cloud audit data federation working group. 

(iii) Open Cloud Computing Interface (OCCI) — lt is an open 
organization constitutes a set of specifications driven by the community and 
delivered through the open grid forum. These specifications define protocol: 
and API for various types of management tasks. Initially conceived to create : 
remote management API for IaaS type services, it has evolved into a wider se 
of APIs focusing on integration, portability and interoperability. 


(iv) Cloud Data Management Interface (CDMI) - It is a 
specification ofa functional interface that applications will use to create, retrieve, 
update and delete data elements from the cloud. This interface also provides 
facilities for discovering the properties ofa given cloud storage offering CDMI 
has been proposed by the cloud storage technical working group of the storage 
network industry association, which is an association promoting standards in 
the management of IT information with a particular focus on data storage. 
Storage network industry association has also produced a reference 
implementation of the CDMI, thus facilitating the process of quickly producing 
à working standard by means of the feedback from the community. 


Q.24. Discuss the interoperability issues in federated cloud environment. 
[R.GP.V., June 2017 (BE)] 
Ans. Cloud federation has several interoperability issues — 


(i Manageability — Although most cloud solutions control elasticity 
yet smart algorithms are required for efficient resource utilization. 


e 
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which searches the optimal combinations of services and deployment plans. 
Optimization models must be developed which optimize both resource-centric 
and user-centric QoS targets. 


(iv) Integration and Interoperability - SMEs have a large amount 
of IT assets like business applications in their premises and may not be migrated 
to the cloud. Sensitive data in an enterprise also may not be migrated to the 
cloud for security reasons and privacy. A need related to integration and 
interoperability arises between assets on premises and the cloud services. 
Issues related to identity management, data management, and business process 


(ii) Data Management — Meta-data information is requireq to 
support data in the cloud, and update standards are required to guarantee long. 
term storing and interoperable sharing among multiple service providers, 

(iii) Privacy and Security — Legislative issues during data distribution 
should be addressed and security problems are arise during resource sharing 
among multiple system must be eliminate. 

(iv) Federation and Interoperability — Proprietary method should 


be replaced by standard data structure and data representation method, To 
eliminate vendor lock-in, new methods are to be find to help interoperability, 


(v) Virtualization and Adaptability — Resource scheduling 
algorithms are needed to be improve to help cross platform executions. 


Migrations taking into account sudden increase in demands and rapidly 
changing workloads. 


(vi) Programming Models — New techniques are required to improve 


application development and deployment. Control on data distribution should 
be improved. 


(vii) Energy Efficiency — Scheduling policies are required to provide 
green and more efficient resource utilization with less power consumption. 


Q.25. What are issues faced in intercloud ? 


Ans, The requirements of cloud users often require different resources 
and the requirements are flexible and unpredictable most of the times. This 
aspect poses complex problems in provisioning of resources and delivery of 


application services. The following are the challenges faced in federation of 
cloud infrastructures — 


(i) Application Service Behaviour Prediction — lt is important that 
the system should be able to foresee the demands and th 
services. Only when it can predict 
dynamically scale up and down. Pre 
built. The challenge is to build such m 
functions suitable to different beha 
between different behaviours of a 

n D ci Mapping of Services to Resources — It is important to 
benc inii puc cost-effectiveness and utilization because of high 
t 

Ere ' ‘he system has to compute the bes 
are and hardware Viana Which result in a connie process of 

QoS targets are satisfied alone wo) > Mapping of services must guarantee that 
(iii) E ; ong with maximum system efficiency and utilization: 
Combinatorial optimization wes Driven Optimization Techniques ~ 
Ion problem is a market driven decision making strategy 


: e behaviour of the 
, if can take decisions intelligently to 
diction and forecasting models must be 
odels that accurately learn and fit statistical 


viours. It is more challenging to correlate 
service. 


orchestration need to be resolved. 


(v) Scalable Monitoring of System Components — The 
components in a federated system are distributed but the techniques employed 
for system monitoring and management use centralized approaches. Due to 
concerns of scalability, performance and reliability arising from the 
management of multiple service queues and large volume of service requests, 
centralized approaches are not suitable and architectures using service 
monitoring and management services based on decentralized messaging and 
indexing models are needed. 


0.26. Write short note on grid computing. 


Ans. As an evolution of cluster computing, grid computing was introduced 
in the early 90s. Grid computing introduced a new approach to access extreme 
computational power, large storage facilities, and a range of services. Users 
can use resources similar to other utilities like power, gas, and water. By 
means of Internet connection, grids initially developed as aggregations of 
geographically dispersed clusters. A computing grid was a dynamic aggregation 
of heterogeneous computing nodes. 


Q.27. What are the characteristics of grid computing ? 


Ans. There are four major characteristics of grid computing as follows — 

(i) Each grid node has its own ownership and management 
according to the distributed nature of the infrastructure. This suggests that no 
centralized authority is needed to control all the nodes. 

(ii) Some open standards are used for the nodes to interact and 
exchange information. 

(iii) Since the users are provided with the possibility to access 
distributed resources as if they were local, they can easily interact and cooperate 
together (e.g. exchanging data). Also, the plug and play concept assists on the 
fly service creation by aggregating codes, data and software components. A 


800d example is the integration of web applications while utilizing multiple 
CPUs. 
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(iv) Applications can usually be grid enabled but not all of them wii 
maintain scalability. Moreover, no tools are available to convert applications to 
fully benefit from the capabilities of a grid. 


Q.28. Discuss the advantages of grid computing. 
Ans. The advantages of grid computing are as follows — 


() The grid software acts as the brain behind the whole grid. Thus, 
it can centrally manage all the policies. 


(ü) A high level of scalability is achieved according to the modular 


plug and play nature of the grid. Any desktop or server can be attached to or 
removed from the network based on the preference. 


(ni) Upgrading does not force a downtime to the network. There 
are many resources to handle the ongoing tasks or projects while some resources 
go offline for any purpose. 


Uy) The job execution performance increases, especially for the jobs 
that can be well split into small chunks. 


tv) Applications can be split up among servers to be run and then 


the results can be smoothly combined and analyzed after the whole task is 
completed. Therefore, large SMP servers may be useless. 


Q.29. Discuss some disadvantages of grid computing. 
Ans. Some disadvantages of grid computing are as follows — 
(i) Many applications should be inevitably upgraded in order to utilize 
the advantages of the model. 
(i) Since various administrative domains are involved, sharing 


resources may cause political challenges. Many parties are unwilling to share 
resources that benefit others. 


(ui) Memory-hungry tasks and applications are usually required to 
be run on a large SMP. 


v) The interconnection between the nodes (resources) is often 
required to be fast (gigabit Ethernet). 


Q.30. Give the comparison between grid and cloud computing. 
Ans. The comparison between grid and cloud computing are as follows - 
(1) Construction of the grid is to complete a specified task, such a5 
biology grid, geography grid, national educational grid, while cloud computing 
is designed to meet general application and there are not grid for a special field. 
(u) Grid emphasizes the “ 
organization. Cloud is often owned b 
the community cloud, in this case, it is 
rcsources to different running instan 


resource sharing" to form a virtual 
y a single physical organization (except 
owned by the community), who allocate? 
ces, 
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' (iii) Grid strives to achieve maximum computing. Cloud is after on- 
emand computing scale up and down, in and out at the 
he overall computing capacity. 
j (iv) Grid aims to provide the maximum computing capacity for a 
uge task through resource sharing. Cloud aims to suffice as many small-to- 
medium tasks as possible based on user’ real-time requirements. Therefore, 
multi-tenancy is a very important concepts for cloud computing, 
(v) Grid trades re-usability for (scientific) high performance 
computing. Cloud computing is directly pulled by immediate user needs driven 
by various business requirements. | | 
= Asper technical aspects, there are some other comparison between grid 
and cloud computing — 


(i) Usage — Grid computing is very much in use in the academic 


"world and cloud computing is used much more in the corporate sector. 


same time optimizing 


=f 


(ii) Platform — Grid consists of smaller grids whereas cloud consists 
of one massive parallel computing system. 


(iii) Allocating Process to Resources — In grid computing, allocatin g 
processes to resources is done manually whereas in cloud computing, allocating 
processes to resources is done automatically. 


(iv) Scalability in Application Execution — In grid computin 
scalability in application execution is sequentially (i.e. user has to wait in k 
- queue) whereas in cloud computing, scalability in application Fein E 
- parallel (i.e. user does not have to wait for a node to be freed). So clou 
_ computing is more scalable then grid computing. 


Q.31. What is sky computing ? Write down its benefits and challenges. 


Aus. Sky computing is an emerging computing inoue! ped cai 
- from multiple cloud providers are leveraged to create large scale dis 
- infrastructures. 

Sky computing arises as a metaphor to illustrate " ly 1 ped ape 
computing, because such dynamically provisioned distribute siga n 
built over several clouds. lt can be described as a management up d storage 
environment of clouds, offering variable compans poetis veil site 
resources with dynamic support to real-time demands. Laying - sites with a 
Over distributed resources, combining the ability d ei ae to incoming 
usted networking environment, originates a highly eksis nem : 

Tequests with a seemingly infinite pool of accessible pines Ww networks 

Fig. 5.9 shows experiment on the sky in which bed etm. Es 
needed for intercloud communication and ViNe enables applic 
Clouds. 


ortum dem n Rom) r, c1 mer mmn 


(md 
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Fig. 5.9 Sky Computing 

Benefits — Following are the benefits of sky computing — 

(i) Single Networking Context — All-to-all connectivity. 

(ii) Single Security Context — Trust between all entities 
(iii) Equivalent to Local Cluster — Compatible with legacy code. 
Challenges — Following are the challenges of sky computing — 

(i) Intercloud resource creation and management 

(ii) Efficient intercloud communication. 

(ili) Efficient distribution of tasks. 

(iv) Fault tolerance. 


(v) Adaptability to resource dynamicity. 


Q.32. Explain in detail about the sky computing architecture. 


Ans. The main idea is to create a turn-around model to enable intensive 
computing in cloud networks. This is hoped to be achieved by enlarging the 
set of available resources in a way they overcome the problems referred before, 
like elevated latency between nodes. Also, it must be cross cloud provider in 
order to combine resources. To achieve this, there must be a structure capable 
of receiving instructions, process and return results from all different underlying 
cloud systems. The architecture of sky computing is shown in fig. 5.10. 

Each cloud provider, has a specific API that makes available an interaction 
with their own resources. All these can be aggregated by a middleware laye’ 
which allows controlling and managing resources by translating every command 
to the correspondent provider API. Abstraction, from bottom to top, is the kc 
for building a consistent system. The upper layer, sky computing, integrates the 
last level of Infrastructure as a Service and the next layer of Software 25 ? 
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Service. This is a critical layer, as it must be as comprehensive as possible in 
features and capabilities. Here, our main focus is HPC, but is must be possible to 
deal with other applications too. Management, with scheduling, accounting and 


billing. Should be well developed as well as monitoring and job submission. 


Accounting & Monitoring 
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Fig. 5.10 Sky Computing Architecture 


(i) Accounting and Billing — When providing users with a complex 
infrastructure like sky computing, it is crucial that the right usage is being kept 
for accounting and billing. Assuring a righteous accounting can make monthly 
usage use prediction, history analysis and the right planning for future use. 
The saved data also allows to bill the registered users for the used resources, 
both private and public combined. 

(ii) Monitoring Software — Monitoring is also a very important part 
of cloud management. Probing the resources allows to Tegister and control 
resource usage for a healthy running. For instance, detecting problems (out of 
memory, power off, overheat CPU, etc.) prematurely for an early resolution. 
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Nagios Is a monitoring system that enables organizations to identify and res lv 
IT infrastructure problems before they affect critical business eas im 
delivers awareness of IT infrastructure's status and allows to detec d 
problems and mitigate future issues before they affect users. 


(iii) Customizable Scheduler — A scheduler is a running daem 

that coordinates the virtual requests and the available resources usin £ differ H 
scheduling policies. It basically assigns to cach virtual machine (VM)aph ie 
host and a storage area depending on resource availability, obeying " p 
defined policies. Neither Deltacloud nor Aeolus have a scheduler the inue 
the deployment and rely on the destination cloud's management Some o i 
source projects available are Haizea and cloud scheduler. iil 


(iv) Cloud Computing Middleware — Middleware is a very important 
and useful part in the chain value. It provides an abstraction that illos to 
develop applications without being tied to an explicit cloud vendor. The 
drawback is that API operations are limited (providers’ operation set is lamen 
and can correspond to loss of performance. The sky computing management 
layer relies on the lower layer resources and interface, so it should be extremel 
stable and dependable. There are some projects undergoing for middleware, 
like the open-source libcloud, Deltacloud, jclouds, or fog , 
abiquous, Kaavo or Enstratius offer a more professional c 
and support, in exchange for a monthly fee, 


(v) System Assembling — The hardest part is to connect all pieces 
of the puzzle, thus is was successful. We managed to get Aeolus working with 
a hybrid infrastructure, featuring Amazon and OpenNebula with a custom 
scheduler Haizea and Ganglia. The structure was functional and stable, however 
the lack of some important pieces reduced the structure flexibility and agility. 
despite the occasional improvement by a new tweaks on fresh software ioe 


0.33. Discuss the characteristics of sky computing. 


Ans. The characteristics of sky computing are as follows — 


(i) Flexibility ore i 
ONPE Ll ility and Scalability — The sky can quickly scale upto 


amas ibis i xis to make resources available as they are needed. 
ud providers are extremely reliable in providing their services, with 
many maintaining 99.99% uptime. The connection is always on and as long 4S 
workers have an internet connection, they can get to the applications they 
need from practically anywhere. Some applications even work off-line. 


remote id iei and Trust — In the past, site owners could not trust ? 
X resource because they had no control over its configuration. 

~ ow that clouds let users control remote resources, however, this conce™ 

is no longer an issue. Combining the ability to trust remote sites with à trusted 

networking environment, a virtual site can now ources 


t and repair 


while others, like 
ustomized service 


exist over distributed res 
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(iii) Efficiency — Advances in processing, communication and 
systems/middleware technologies had as a result new paradigms and platforms 
for computing. 

(iv) Flexible Costs — The costs of sky computing are much more 
flexible than traditional methods. Companies only need to commission and 
thus only pay for server and infrastructure capacity as and when it is needed. 
More capacity can be provisioned for peak times and then de-provisioned 
when no longer needed. Traditional computing requires buying capacity 
sufficient for peak times and allowing it to sit idle the rest of the time. 

(v) Resource Management — Sky computing facilitates the 
implementation and realization of emerging technologies to deliver better 
customer experience with improved and real-time interaction across the business 
operations to maximize the value for the consumer and stakeholders where 
sustainability can be achieved with increased profitability and competitiveness. 


Q.34. Describe the various sky computing provider. 
Ans. The various sky computing provider are as follows — 


(i) Appliance Providers — Appliances can integrate the in formation 
using any configuration method from any appliance provider. This in formation 
in the templates is application specific and potentially different from appliance- 
to-appliance, but the templates themselves are uniform, and any context broke 
can process them. Example — Amazon was the first major could provider, 
Amazon Simple Storage Service (Amazon S3), Apple, Cisco, Citrix, IBM, 
Joyent, Google, Microsoft, Rackspace and Salesforce. 


(ii) Cloud Broker — An entity that manages the use, performance 
and delivery of cloud services and intermediates the relationships between 
cloud providers and cloud consumers and negotiation, configuration done 
manually. Example — AWS marketplace from Amazon, Blue Wolf, CloudCompare, 
CloudMore, which offers cloud services aggregation and activation through 
partners. The company serves the UK, Sweden, Finland, Denmark, Ireland, 
and more. Key partners include IBM, Microsoft, HP Autonomy, VMWare, and 
Cryptozone. 

(iii) SaaS (Software as a Service) — lt represent the largest cloud 
market and are still growing quickly. SaaS uses the web to deliver applications 
that are managed by a third-party vendor and whose interface is accessed on 
the clients" side. Examples — Google Apps, Salesforce, Workday, Concur, 
Citrix Go to Meeting, Cisco Web ExCommon. 

(iv) PaaS (Platform as a Service) — These are used for applications, 
they development, while providing cloud components to software. PaaS 

$e €s the development, testing, and deployment of applications quick, simple, 
Cost-effective. With this technology, enterprise operations, or a third- 
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odes and its also include many other ones. CPU load, amount of memory 
d combine together to calculate the load of machine. In our daily life 
‘example of load balancing is websites. Users could experience many problems 
without load balancing like delays, timeouts and long system responses. 

Fig. 5.11 shows different load balancing algorithms. This is mainly divided 


o 


b 
jhen 


party provide 
p r, can manage OSes, servers, storage, networking, and th P 
3 c aaS gs ; 
require 


soft i 2 i 
eii ken Examples " EngineYard, RedHat OpenShift, Googl 
» appFog (aF), Windows Azure, Amazon Weg Service(AWS) 


(v) laaS (Infrastructure as a Se 


for accessing, monitoring, Vila. 


nfrastructur, 
d 1 "s 
or bare metal), storage, networking, and networking 


. Instead of having to purchase hardware Outright, users 


Example — Amazon Web Services 
» Google Compute Engine (GCE), 


Q.35. What is load balancing ? 
icing ? What are the advantages of load balancing ? 
[R.GP.K., May 2019 (BE) 


such as compute (virtualized 
Services (e.g. firewalls) 


(AWS), Cisco Metapod, Microsoft Azure 


Load balancing helps in fair allocation of computing resource to achieve 


a high. User satisfaction and ilizati 
proper resource uti i ilizati 
id p i Ei utilization. High resource utilization 


applied in the cloud environment with suitable verifications. In cloud computing 
environment, load balancing algorithms can be divided i to tw i - 
first algorithm is batch isti Sen Moni c 
Eorim type is batch mode heuristic scheduling algorithms (BMHA) 
and second is online mode heuristic algorithms. In BMHA jobs are combined 
together when they are arriving in the system. The BMHA &chedilinm algorithm 
will start after a fixed time period. The examples of BMHA based algorithms 
are — First come first served scheduling algorithm (FCFS), round robin 
scheduling algorithm (RR), min min algorithm and max min algorithm. In on- 
line mode heuristic scheduling algorithm, all jobs are scheduled when they are 
arriving in the system. The cloud environment is a heterogeneous system and 
in this speed of each processor varies quickly and easily. The online mode 
heuristic scheduling algorithms are more appropriate and better for a cloud 
environment. It is very important to estimate proper load, need to do comparison 
of all load, stability of all different systems, performance of purposed sy stem 
interaction between all the nodes and nature of work to be transferred while 
developing a load balancing algorithm. The most important thing is selecting 


algorithm — 


into two categories — static load balancing algorithm and dyn i ania 


Load Balancing Algorithm 
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Fig. 5.11 Types of Load Balancing Algorithm 

(i) Static Approach — This approach is mainly defined in the design 
or implementation of the system. Static load balancing algorithm divide the 
traffic equivalently between all servers. 

(ii) Dynamic Approach — This approach considered only the current 
state of the system during load balancing decisions. Dynamic approach is 
more suitable for widely distributed systems such as cloud computing. 

Dynamic load balancing approaches have two types. They are distributed 
approach and non-distributed (centralized) approach. It is defined as following- 
: (a) Centralized Approach — In centralized approach, only a 
single node is responsible for managing and distribution within the whole system. 
Other all nodes are not responsible for this. 
y (b) Distributed Approach — In distributed approach, each node 
w dependently builds its own load vector. Vector collecting the load information 
4 other nodes, All decisions are made locally using local load vectors. Distributed 
Pproach is more suitable for widely distributed systems such as cloud computing. 
Advantages of Load Balancing — 


(D Scalability — The main advantages of the load balancing algorithm 
ny number of servers can be added easily without causing any 


Semi 
Distributed 


Cooperative 


is that a 
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disturbance and application can be performed smoothly through load b 


alancinp 
the servers in the cloud. 


(ii) Performance — An efficient load balancing helps to prov 
cloud services and cloud applications to respond faster compare to the usual 
completion time. Moreover the exccution time also get reduced to the greater 
extent through efficient compression techniques, and caching mechanism. 


ide the 


(iii) Availability — Load balancing mechanism guarantees to provide 
the services efficiently. In the case of unavailability of the few Servers, the 
load will be further distributed efficiently. 


(iv) Reliability — The reliability of the cloud services are protected 
by the redundancy of the server through which an application can be hosted at 
any cloud hub in the world. Even in case of the failure the cloud serving 


resource will not stop functioning and the services will be redirected to any 
other cloud location. 


Q.36. Write short note on resource optimization techniques. 


Ans. In the cloud IaaS (Infrastructure as a Service), the equipment is 
provided in the form of virtual machines running by a hypervisor software. 
Each virtual machine is characterized by a set of hardware resources, 
consisting essentially of CPU, memory and external storage network. The 


provisioning of virtual machines is on-demand and dynamically allocated to 
users. 


The general architecture of cloud shows the important place that takes 
virtualization software in the overall structure of the system. So any optimization 
at this level reflects positively on the overall performance of the cloud. Several 
resource optimization techniques are available, among these, especially there 
is live migration, load balancing and dynamic reconfiguration. 

(i) Live Migration — This process allows moving virtual machines 
from one physical node to another without service interruption and with à 
completely transparent way for the user. 


(ii) Load Balancing — |t can generally allocate workloads services 
while reducing the number of servers and improving performance. 

(iii) Dynamic Reconfiguration — 
machines provide the ability to modify the 
associated with a virtual machine (VM) w 

It appears as a new attractive 
optimization techniques. In cloud syst 
form of a lease, but in general they us 
is a loss for the client beca 
the provider, 


Dynamic reconfiguration of v irtual 
CPU power, the size of the memon 
ithout stopping its execution. 

solution particularly for resoure’ 
em, the client order resources in the 
es less resources than requested. | his 


fol 
use of unused resources and also can be a 1093 


a ae 


Thes 
During us d b 
enn DRC component comes into play to solve this problem. 
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Q.37. Explain the architecture of cloud with dynamic reconfigurable 


omponent. 


Ans. Cloud client typically lease virtual machines that -e fixed 

: ources, such as the number of cores, memory size, an so on. 

Fee cone are generally stable throughout the life of the virtual machines. 
M Lord: cine the resources used may be upper or lower to the 
la y the ‘client. It can cause a gap between the needs and 


The implementation of the dynamic reconfigurable component (DRC) is 


required to optimize the use of cloud computing resources. 


The DRC component is intended to correct the users resources requests 


resources requested and used. 


The DRC component as shown in fig. 5.12 will sper n E 
in real time, these resources are measured in ME d pm ps iii 
by key performance indicators (KPI) measuring pi k : dina Loi 
will assign new values of resources depending on p 


and inject them to the cloud manager. 


DRC 
(Dynamic Reconfigurable Component 


Cloud as 
Manager Measuring 


Fig. 5.12 Architecture Cloud with DRC ; data, and will 
The KPI measuring will be used to collect measurements gata, 
be transferred to the component for apply policy. : 
The component is intended not to bea pan of ie 
“ting on the outside of cloud manager. The componer 


cloud manager. It 1s 
it is designed to be 
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multiplatforms, it is independent of cloud management tools such as O 
Eucalyptus, Cloudstack and OpenNebula. The DRC compone 
for the optimization of material resources and other types of resource 
component could be used for the client as well as for the provider. 


MONITORING IN CLOUD, INSTALLING CLOUD PLATFORMS 
AND PERFORMANCE EVALUATION, FEATURES AND 
FUNCTIONS OF CLOUD COMPUTING PLATFORMS 


———/—— Á — A€€— m M 


Q.38. Discuss the cloud monitoring. 


Ans. In clouds, monitoring is essential for the health of the system 
important for both providers and consumers. Pr 


tool firstly for managing software and hardw 
providing continuous information for those resources as well as for consumers’ 
hosted applications on the cloud. Cloud activities like resource planning, resource 
management, data center management, SLA management, billing, 
troubleshooting, performance management, and security management essentially 
need monitoring to effective and smooth operations of the system. 


Consequently, there is a strong need for monitoring looking at the elastic nature 
of cloud computing. 


and is 
imarily, monitoring is a key 
are resources and secondly for 


In cloud computing, monitoring can be of two types — high-level and 
low-level. High-level monitoring is related to the virtual platform status. The 
low-level monitoring is related to information collected for the status of the 
physical infrastructure. Cloud monitoring system is a self-adjusting and typically 
multi-threaded system that is able to support monitoring functionalities. It 
comprehensively monitors pre-identified instances/resources on the cloud for 
abnormalities. On detecting an abnormal behaviour, the monitoring system 
attempts to auto-repair this instance/resourc 


e if the corresponding monitor 
has a tagged auto-heal action. In case of auto-repair failure or an absence of 


an auto-heal action, a support team is notified. Technically, notifications can 
be sent by different means such as e-mail, or SMS. 


Q.39. Write short note on performance management in cloud monitoring. 


Ans. Being the hardware infrastructure maintenance delegated to the 
providers, the cloud computing model is attractive for most consumers 
(primarily medium sized enterprises and research groups). However, despite 
the attention paid by providers, some cloud nodes may attain performance 
orders of magnitude worse than other nodes. If a consumer adopts a public 
cloud to host a mission-critical service or for a scientific applicatio 
performance variability and availability become a concern. Therefore, from 4 
consumer's perspective, monitoring the perceived performance is necessary 
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i s. For instance, 
es or to apply corrective measure k 
um Wer to host applications at multiple clouds to ensure high- 
between clouds depending on the diee acm m 
ince i iderably improve the 
ing i n necessary since it may consi V ` 
EE ruins and affect activity planning and repeatability of experimen 
p 


40. Discuss the following commercial monitoring tools — 
: (i) RevealCloud (i) Monitis 
(iii) LogicMonitor (iv) ela 
(v) CloudWatch (vi) Nimsofi a —Ü 
i alCloud — CopperEgg provides Revea o n 
BD uude: in 2010 and Rackspace is a main partner. Ager ier 
i sumers to monitor across cloud layers e.g. SaaS, see lari 
en is a dicated to only one cloud resources provider, ra ne 
ae 5 dp qe nsumer to get its benefits within most popular c ia 
vide s pde EC? Rackspace, etc. RevealCloud is one of the ap E 
is Ta that supports maintaining monitored historical oe dim 
upto jast 30 days data, which is considered as a prime feature tha 
ce à 


ercial monitoring tools lack. l . Ae 
comm (ii) Monitis — This was founded z moder E sd poses 
i i rmon : I 
pe. ee did obs cloud account. In rant 
ae = i pinna can remotely monitor any website for uptime, in- ea 
events OFU lond memory, or disk I/O, by installing Monitis uu Pes 
UM Mies pontis fede A Monitis agent can also be nd » ee a 
of Seiworked devices in an entire network Sang 5 baberi Widgets can be 
used instead of installing a Monitis agent on eac a information. Moreover, 
also emailed as read only version to share the een O 
Monitis provides rich features for reporting the s wed e.g. chart, or graph. 
consumers can specify the way a report should be WE i with others 
It also enables its consumers to share the dien e d it is a partner with 
(iii) LogicMonitor — lt was founded in p pes hb. salai 
Several third parties such as NetApp, VMWare, vss monitor across cloud 
RevealCloud, LogicMonitor enables its Bec o to operate monitoring 
layers e.g. SaaS, PaaS, and laaS. It also enables d in communications is SSL 
Operations on multi-cloud resources. Protocol use M cator uses aimee 
outgoing only encrypted connections. Moreover, 4 of retrieving data about 
network management protocol (SNMP) as a method o 
distributed virtual and physical resources. l — 
(iv) Nagios — lt was founded in 2007, Nagios anr ane 
monitoring. It enables its consumers to monitor their reso 
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inn Ei ieu as een as in-house infrastructure. Nagios utilizes SNM 
vri EGER áü i ed resources, Moreover, Nagios has been extend s 
using a ufo e Sri for both virtual instances and storage Sin 
collect the "Missed dia OS Server 5 required M 
Moreover, Nagios is a cloud solution as a user old e. zed olution, 

, "ud : to setu ; 
er. However, many possible engin ean hp crie muli 
gios servers to reduce the disadvantages of a centralized ES : 


v r . 
for e - It is one of the most popular commercial tools 
coated cece ud. It is provided by Amazon to enable its consumers 
cloud infrastructure as e = Ee Hence, it does not support slt 
to collect data are im i. toring, The technical approaches used in Cloud Watch 
Exil as plicit and not exposed to users. Cloud Watch is limited į 
8 resources across cloud layers. However, an API is pisi] for 


S 


(vi) Nimsoft — Y 

: — It was founded in 2011. Ni 

ers monitoring an : : . Nimsoft supports multi- 

Nimsoft ensis iis siu End physical cloud ae ese 
à] o view and monit i Fr i 

they are hosted on different cloud infrastructu pe nde i Cue 

can view resources on Goo id. 

and others through a unifi 

consumers the ability to m 


lay 


g. a Nimsoft consumer 
gle Apps, Rackspace, Amazon, salesforce.com 


an monitoring dashboard. Also, Nimsoft give its 
pa i. nitor on both private and public clouds. 
a - Explain in detail about the OpenStack. 
"E. ns. OpenStack is a set of software tools 
computi 
puting platforms for public and private clouds as well as it i 
ell as it is a 


collection of open soun 
ce software proj ; 
as-a-Service (I projects which provides a 
DIRASA ae Ser through a set of interrelated a 
- . o i ` 
software initiative which i £combindly launched an open-source cloud- 


for building and managing 


Sii: platform which provide 
platform for publi i 
TA public as well as 
terms of the Apache License pen-source software released under the 
i ed providing computing features 
» Where the actual software runs as à 


provides horizontal scaling very or managing a cloud environment. I! 


easy, which means that tasks which benefit 


om running CO 
|y by just spinning up more instances. 


! Components of OpenStack are as follows — 


i 
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1 


ncurrently can easily serve more as well as less users on the 


(i) Object Storage (Swift) — OpenStack Object Storage (Swift) is 


; scalable redundant storage system for objects and files. Objects as well as 


files ar 


center, 
integrity across the cluster. 


I (ii) Compute (Nova) — OpenStack Com 
g fabric controller, which is used for deploying and managing large 
rtual machines and other instances to handle computing tasks. 


(iii) Block Storage (Cinder) — OpenStack Block Storage (Cinder) 
js a block storage component, which is more analo 
‘notion of a computer being able to access specific location 


| wellas it provides persistent block-level storage devices for us 
In OpenStack, the block storage manages the creation, 


'computin 
numbers of vi 


"compute instances. 
attaching, detaching of the block devices to serv 


(v) Networking (Ne 
_ provides the networking capability 


- provides identity services for OpenStack or it is 


of access, and acts as a comm 
- System and can integrate with 


(viii) Image Service (Glance) 
provides image services to OpenStack, 
services for disk and server images, it also al 
templates when deploying new virtual machine 


Service which allows develope 


(x) Telemetry (Ceilometer) — 
(Ceilometer) provides telemetry services, whic 


mapped to the OpenStack services they can access. lt provides mul 
on authentication system across the cloud o 


existing backend directory services like LDAP. 


(vii) Dashboard (Horizon) — OpenStac 
the dashboard behind OpenStack which provides ad 
graphical interface to access, provision and automate cl 


(ix) Orchestration (Heat) — OpenStack Orchest 
rs to store the requirements ofa cloud applicat 


in a file that defines what resources are necessary for th 
OpenStack Telemetry Ser 


gous to the tradition 


ers. 


" networks and IP addresses easily, quickly and efficiently. 
(vi) Identity Service (Keystone) — OpenStack Id 


e written to multiple disk drives spread throughout servers in the data 
OpenStack software only responsible for ensuring data replication and 


pute (Nova) is a cloud 


al 


s on a disk drive as 
e with OpenStack 


(iv) Database (Trove) — OpenStack (Trove) is a database as a service 


" which provides relational and nonrelational database engines. 
utron) — OpenStack Networking (Neutron) 
for OpenStack and it is a system for managing 


entity (Keystone) 


a central directory of users 


k Dashboard (Horizon) 


instances. 


tiple means 


perating 


is 


ministrators and users à 
oud-based resources. 
— OpenStack Image Service (Glance) 


discovery, registraton and delivery 
lows these images to be used as 


at application. 


h allows the cloud to prov 


ration (Heat) 15 


a 
300 


sce 
"ds 
— 


U 


billing saisai 
Services to individ r 
each user's ual users of the cloud, it kee 


cloud. 


CONFIG_NTP_SERVERS=ip address of the main server (for 
example: 192.168.0.254) -line number 33 of the configuration 
file. 
CONFIG_HORIZON_SSL=y -line number 225 of the 
configuration file. 
(vi) packstack --answer-file=Iwx.text 
(vii) ovs-vsctl add-port br-ex ethO 
dhclient —v br-ex 
(viii) cd/etc/sysconfig/network-scripts/ 
mv ifcfg-brO ifcfg-br-ex 
vim ifcfg-br-ex 
Chage this information — 
//Bridge Networking Interface 


ps a Verifiable coy 


System usa : 
ge of cach of the various components of an Op nt of 
en 


Stack 


HTTP 
Dashboard 


ECZ/Admin API 


ECZ/OpenStack API 


| Game | Glance-API 
Nova-API 


Nova 


Glance 
ioni. DEVICE-br-ex -write in configuration file. 
Ditabase ONBOOT=yes -write in configuration file. 
<< USERCTL=yes -write in configuration file. 
[— —— NM CONTROLLED-no -wnte in configuration file. 
< IPV6INIT=no -write in configuration file. 
f PEERNTP=no -write in configuration file. 
Database DELAY=0 -write in configuration file. 
IPADDR=192.168.0.10 -write in configuration file. 


Ve 
ae GATEWAY=192.168.0.254 -write in configuration file. 
(ISCSI, ete.) NS1=192.168.0.254 -write i fi ion fil 
Fig. 5.13 O, . D 2.168.0.2 write in configuration file. 
0.42. Ho . i ck Architecture (ix) vim ifefg-ethO 
pe a w to install OpenStack on RHEL 6.4 Change this information — 
"E taliation Process of OpenStack on RHE DEVICE=eth0 -write in configuration file. 
First of all install RHEL 6.4 on your Personal L64- ONBOOT-yes -write in configuration file. 
these commands on terminal to install nn ei uter (PC), then follow (x) service network restart 
(i) yum install ke. i i) reboot 
mel*openstack* (xi) reboo 
(i reboot 0.43, List out the performance evaluation criteria of cloud computing. 
u) Ans, Some important criteria for performance evaluation of cloud 


ue : . 
eck or verify kernel is openstack or not 


uname -r computing are as follows — 


(ui) yum install openstack-packstack (i) Average response time per unit time, this criterion will cover all 
(iv) packstack ~-gen-answer-file 


(v) vim lwx.txt 
Change this information — 


factors completely. 
3 (ii) Network capacity per second (Mbps) or unit time, the most 
important factor associated with this criterion is network bandwidth, availability 
and scalability. 

(ii) The number of VO commands per second (IOPS) or unit time. 


7]wx.text 


184 Cloud Computing (VIII-Sem) 


l (iv) W 
unit of time. 
(v) Average wailing time per unit time. 

i "pm 

» ) Throughput (Req/Sec), this criterion will cover recoy 
capacity and processing power factors, i 
(vii) The average time of processing (exe/sec). 

(viii) Percentage of CPU utilization. 

(X) The number of requests executed per unit time 

: : 

) The number of requests per unit time buffer. 

xi) The number of rejected requests per unit time. 


buffering 


Q.44. Explain in detail about Google Cloud platform 
Ans. Developers can code. j 


» Pay as you use strate 
R i gy, Support of 
ptidelO, BigQuery, Firebase, PubSub, 


assandra on 
l Fig. 5.14 shows real ti 


Compute 
Engine 


Fig. 5.14 Real Tim 


e Stream Processing Google [oT 


© 


orkload (requests) to be serviced per second (Mbps) 
57 Or a 


cry, 


ee 


| 


i 


| 


b 


wait 
imaginable make it possible to ingest data continuously into the cloud, directly 
from the source at massive scale. 
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Q.45. Explain various characteristics of Google Cloud platform. 
Ans. Important characteristics of Google Cloud platform are as follows — 
(i) Streaming Insights — Events of interest fire off continuously in 


the physical world, and data that is required for decision making cannot always 


for offline analysis. Internet-equipped sensors on any physical item 


(ii) Tap into the World — A new type of device technology along 


with ubiquitous networking makes it easy and economical to mine information 
from any physical item and place. This untapped pool of data gives organizations 
visibility into parts of their operations previously considered “offline”. Combined 
with real-time processing and predictive analytics, an loT capability profoundly 
changes monitoring and management practices by enabling proactive resolution 
in response to real-time events, and ultimately, predictive capabilities. 


iii) From Small to Big (Data) — Each sensor-equipped device may be 


small and yields only incremental insight. Multiply this by hundreds, thousands, or 
millions of sensors all ingesting data to the cloud and the collective stream presents 
as a big data problem. Cloud Pub/Sub makes real-time, reliable processing of IoT 
data easy, and cloud storage products persist all big data efficiently and economically. 
ToT on cloud platform allows us to make extremely fast queries into any business 
‘and operating environment, without managing any infrastructure. 


(iv) Global Fiber Network — Google operates its own private fiber 


"network that spans the globe with over 70 points of presence across 33 


Countries, ensuring data to and from your devices gets delivered at ultra-low 
latency. Reliability and security are enhanced because IoT data do not have to 


travel the public Internet through the majority of its time in transit. Google's 
global network ensures that millio 


ns of devices and sensors distributed 
worldwide can deliver raw data efficiently so an organization can tap operational 
insight continuously with no disruption. 

(v) Google-Grade Security - Whether device-to-cloud or cloud- 
to-device, security is the most important concern as loT is increasingly used 
to support business-critical operations. All cloud platform APIs are secure by 
default with full encryption, backed by integrated and pervasive security across 
the entire infrastructure. Cloud LAM can ensure devices have access only to 
Iesources we explicitly designate. 

0.46, Write short note on cloud computing platform. 

Any, Open cloud platforms provide flexibility, on demand services and 
allow great amount of customization. The open source cloud platform provides 
features to end-user for improved scalability, portability, and flexibility as well 


= 
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as on-demand basis services. The most popular and common] 
source software such as CloudStack, Eucalyptus, Nimbus. 
OpenNebula, Xen cloud platform, TPlatform, Apache Virtual 


Y used 0 
, OpenStag, 


(VCL) and Enomaly elastic computing platform. The so mputing lab 


summarization would help the users to understand the char 
would allow users to choose better services according to thei 
and also make more unified decision on the open source 


according to their compatibility, scalability, implementation Platform 


deployment requirement, and development support. Since sland 


: most d and evolving technology there are many featu 
eing added the comparison is b l 
ased on the cu 
technology available i mc 
n these all open sou 
oe i l rce platform howeve 
corporation, enterprises of more features to improve the 


computing js 
res which are 
es as well as 
r there iş need 
m se fr: 

Q.47. Explain in detail about the Xen cloud latfc A 
Ans. The Xen cloud platform ites 


in a cloud. XCP does not prov 
focuses on confi 


rii. 


| one manages storage, VMs and the network 
nid ir iie de en architecture, but rather 

e of clouds. 
ian Ep do E S. It also enables external 
. 5.15 show 
nents. Its basic component 


bled to communicate with 


Fig. 
g. 5.15 XCP Architecture 


op 
while offering software based VLAN support. The open switch provides three 


software components — the physical network interface (PIF), the virtual network 


Pen 
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XCP networking deserves dedicated attention by itself. It is based on the 
en switch project. The approach distinguishes virtual from physical interfaces 


interface (VIF), and the virtual ethernet switch (VES). PIFs represent physical 
interfaces attached on a XCP host. Similarly, VIFs represent interfaces attached 
on the VM. The VES is a virtual switch on a XCP host, which can be used to 
connect VIFs with each other and with the PIF. A VES without an association to 
a PIF can be used to provide connectivity only between VMs on a given XCP 
host, with no connection to the outside world as shown in fig. 5.16. 


To Physical 
Ethernet 


Fig. 5.16 XCP Network Architecture 


XCP supports VLANs through the use of additional PIFs corresponding 
to specific VLAN tags. Thus, it is possible to see all traffic on the physical 
network interface using a VES attached to a PIF associated with the interface. 


Inter-host Communication — XCP provides a management infrastructure 
with an appropriate API to install, monitor and manage various aspects of the 
VM infrastructure. The API calls make use of the XML-RPC protocol to 
transmit requests and responses over the network. These XML-RPC requests 
and responses may also be exchanged between hosts in a XCP resource pool 
through HTTP protocol. If desirable, this inter-host communication can be 
turned secure using SSL-encrypted HTTP (HTTPS). 


0.48. Explain conceptual representation of eucalyptus cloud. Also 
explain in brief the components within eucalyptus system. 
[R.GP.V., Dec. 2013 (BE)] 
Ans. Eucalyptus (Elastic Utility Computing Architecture Linking Your 
Programs to Useful Systems) is an open source software infrastructure for 
implementing on-premise clouds built on top of existing IT and service provider 
infrastructure. Thus, with a eucalyptus private cloud, sensitive data remains 
secure from external intrusion behind the enterprise firewall. Eucalyptus was 
designed to ensure its compatibility with existing Linux-based data center 
installations, and can be deployed without modification on all major Linux OS 
distributions. The software framework is a highly modular cooperative set of 
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ii services that interoperate based on standard communication 
| rough, this framework, virtual machines and storage reso 
interconnected on an isolated layer 2 network. 


Protocols 
UTCCS are 


Your Eucalyptus Cloud 


Eucalyptus 


Username | | 
Password LLLI 


Management Platform 


Y= 


Virtualized Storage 


WD 


; f eucalyptus cloud system. 
ice component exposes a well defined language seat 


WSDL T" 

service can perform and Ties ontaining both the operations that the 

within the eucalyptus System are as follows. äi Structures. The components 
(i) Cloud . 

administrators, develop, oe It is the entry point into the cloud for 

responsible for queryin : > Managers, and end-users. The CLC is 

ans g the node ; gus 
making high level scheduli managers for information about resources: 


Fig. 5.17 


Fig. 5.17 showsac 
: onceptual r ; 
Each eu calyptus serv p epresentation o 


API in the form of a 


S respons 


» Or any machine that has net ~ It executes on a cluster front-end 
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information about a set of VMs and schedules VM execution on specific node 


< controllers. The CC also manages the virtual instance network and participates 


in the enforcement of SLAs as directed by the CLC. All nodes served by a 
single CC must be in the same broadcast domain. 


iii) Node Controller (NC) — Vt is executed on every host that is 
designated for hosting VM instances. NCs control the execution, inspection, 
and termination of VM instances on the host where it runs, fetches and cleans 
up local copies of instance images, and queries and controls the system software 
on its node in response to queries and control request from the CC. The NC is 
also responsible for the management of the virtual network endpoint. 


(iv) Storage Controller (SC) — Xt implements block accessed network 
storage and is capable of interfacing with various storage systems. An elastic 
block store is a Linux block device that can be attached to a virtual machine 
but sends disk traffic across the locally attached network to a remote storage 
location. An EBS volume cannot be shared across instances but does allow a 
snap-shot to be created and stored in a central storage system. 


(v) Walrus — lt allows users to store persistent data, organized as 
eventually-consistent buckets and objects. It allows users to create, delete, list 
buckets, put, get, delete objects and set access control policies. Walrus is 
interface compatible with Amazon's S3, and supports the Amazon machine 
image image-management interface, thus providing a mechanism for storing 
and accessing both the virtual machine images and user data. 


(vi) Management Platform — It provides an interface to various 
eucalyptus services and modules. These features can include VM management, 
storage management, user/group management, accounting, monitoring, SLA 
definition and enforcement, cloud-bursting, provisioning, etc. 


Q.49. Explain in detail about the OpenNebula. 


Ans. OpenNebula is a flexible tool that orchestrates storage, network and 
virtualization technologies to enable the dynamic placement of services on 
distributed infrastructures. A number of communities are actively using 
OpenNebula. Some of these are — the European Space Astronomy Centre and 
the European Organization for Nuclear Research (CERN). 

OpenNebula has been designed to be modular in order to allow its 
integration with as many different hypervisors and environments as possible. 
It assumes that the physical infrastructure adopts a classical cluster-like 
architecture with a front-end, and a set of host nodes where VMs will execute. 
There is at least one physical network joining all the cluster nodes with the 

front-end. The front-end executes the main OpenNebula processes while the 
Cluster nodes are hypervisor-enabled hosts that provide the resources needed 
by the VMs. 
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(iii) Workspace Resource Management — M is an open source solution 
to manage different V Ms, but can be replaced by other technologies such as } 
OpenNebula. ! 
(iv) Workspace Pilot — lt is responsi 
with few changes in cluster operation. This ¢ 
has administration tools. 


~ e ge 4 : p , 
ble for providing virtualization | 
omponent handles signals and p 


uting platforms. 


Q.51. Give comparison of cloud comp 
platforms are shown in table 5.1 — 


Ans. The comparison of cloud computing 
Table 5.1 


Character 
[Scalable — | Dynamic, scalable 
aas [as . | 
Deployment Dynamical Dynamical | 
deployment deployment deployment 
VM support Xen, VMware, Xen, VMware 


en 
Web service EC2, WSDL, |libvirt, OCCI, EC2, API 
WSRF 
Module Lightweight | Module 
components 


Linux 


Deployment 
Manner 


Web interface 


Structure 


Development Java 


Language 


